Skip to content

Commit

Permalink
security model updates (#19656)
Browse files Browse the repository at this point in the history
  • Loading branch information
@mickael-hc
mickael-hc authored Mar 21, 2023
1 parent 61ede67 commit 3926057
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions website/content/docs/internals/security.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,12 @@ The following are not considered part of the Vault threat model:
credentials, they can access Vault with the level of privilege associated with this
client.

- Protecting against Vault administrators supplying vulnerable or malicious configuration
data. Any data provided as configuration values to Vault's administrative endpoints
(e.g. [secret engines](/vault/docs/secrets) configurations), or Vault's
configuration files should be validated. If an attacker can write to Vault's
configuration, then the confidentiality or integrity of data can be compromised.

# External Threat Overview

Vault architecture compromises of three distinct systems:
Expand Down

0 comments on commit 3926057

Please sign in to comment.