Comment by ronnier
4 hours ago
I love this product have used it for a long time now but more recently started getting worried about security. I hope the maintainers are doing their due diligence around securing their docker hub account (many of us run VW in docker) and are careful about libraries the project depends on. Some questionable coding practices were made that I'm not sure I agree with (calling a 3rd party sites in some scenarios). As more of us switch to self hosting VW it will become a juicer target for bad actors. Really hoping we don't wake up one day to find out that our database was uploaded by a BA
If you're running on kubernetes, a simple network policy and blocking the container from using DNS will stop any compromised image from performing a data exfill.
I do this for most containers.
If the container must have web access in some form, setup a squid proxy and only whitelist safe and trusted domains that can't be exfilled to.
The web frontend could still send secrets to third parties.
> a simple network policy and blocking the container from using DNS
Can you please point to some resources that can help with how to do this?
I use Docker (in Unraid).
I've threat modeled this myself, and as I understand it the Bitwarden client side decrypts/encrypts everything locally. So even if backend was entirely compromised, it's never getting anything without the master password, and that's never sent across by the client. Then again, there's also the web interface.
Yeah if an attacker was able to insert javascript then it's possible.
For this particular threat vector, where the client is compromised, the backend doesn’t matter.
1 reply →