From 4c987a062b3f9fbc644129b74b213107009b879a Mon Sep 17 00:00:00 2001 From: Maic Siemering Date: Tue, 10 Oct 2023 22:24:05 +0200 Subject: [PATCH] Replace 'package repo' with 'package registry' in spec 1.0 --- docs/spec/v1.0/threats-overview.md | 4 ++-- docs/spec/v1.0/threats.md | 10 +++++----- docs/spec/v1.0/use-cases.md | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/spec/v1.0/threats-overview.md b/docs/spec/v1.0/threats-overview.md index e06cab75e..4df355239 100644 --- a/docs/spec/v1.0/threats-overview.md +++ b/docs/spec/v1.0/threats-overview.md @@ -80,8 +80,8 @@ Many recent high-profile attacks were consequences of supply chain integrity vul Provenance of the artifact in the GCS bucket would have shown that the artifact was not built in the expected manner from the expected source repo. G -Compromise package repo -Attacks on Package Mirrors: Researcher ran mirrors for several popular package repositories, which could have been used to serve malicious packages. +Compromise package registry +Attacks on Package Mirrors: Researcher ran mirrors for several popular package registries, which could have been used to serve malicious packages. Similar to above (F), provenance of the malicious artifacts would have shown that they were not built as expected or from the expected source repo. H diff --git a/docs/spec/v1.0/threats.md b/docs/spec/v1.0/threats.md index 237169e4d..c8f0affbe 100644 --- a/docs/spec/v1.0/threats.md +++ b/docs/spec/v1.0/threats.md @@ -389,14 +389,14 @@ cryptographic signature is no longer valid. -### (G) Compromise package repo +### (G) Compromise package registry -An adversary modifies the package on the package repository using an +An adversary modifies the package on the package registry using an administrative interface or through a compromise of the infrastructure.
De-list artifact -*Threat:* The package repository stops serving the artifact. +*Threat:* The package registry stops serving the artifact. *Mitigation:* N/A - This threat is out of scope of SLSA v1.0. @@ -404,7 +404,7 @@ administrative interface or through a compromise of the infrastructure.
De-list provenance -*Threat:* The package repository stops serving the provenance. +*Threat:* The package registry stops serving the provenance. *Mitigation:* N/A - This threat is out of scope of SLSA v1.0. @@ -412,7 +412,7 @@ administrative interface or through a compromise of the infrastructure. ### (H) Use compromised package -An adversary modifies the package after it has left the package repository, or +An adversary modifies the package after it has left the package registry, or tricks the user into using an unintended package.
Typosquatting diff --git a/docs/spec/v1.0/use-cases.md b/docs/spec/v1.0/use-cases.md index af55cfc1e..79b4c425d 100644 --- a/docs/spec/v1.0/use-cases.md +++ b/docs/spec/v1.0/use-cases.md @@ -43,7 +43,7 @@ Example ways an organization might use SLSA internally: - A large company uses SLSA to require two person review for every production change, scalably across hundreds or thousands of employees/teams. - An open source project uses SLSA to ensure that compromised credentials - cannot be abused to release an unofficial package to a package repostory. + cannot be abused to release an unofficial package to a package registry. **Case study:** [Google (Binary Authorization for Borg)](https://cloud.google.com/docs/security/binary-authorization-for-borg)
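Review bot: the renamed table row `Compromise package registry` in threats-overview.md now matches the `(G)` heading in threats.md, but this patch touches only three files; please grep the rest of docs/spec/v1.0 for any remaining `package repo` / `package repository` wording so the spec does not carry both terms. Leaving `expected source repo` untouched in the same hunk is correct, since that phrase refers to the source repository rather than the registry.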
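Review bot: in the threats.md hunk at `@@ -389`, renaming the heading `### (G) Compromise package repo` to `### (G) Compromise package registry` changes the anchor that the site generator derives from the heading text, so any existing link to the old slug will silently break; please search the spec (the per-letter links in threats-overview.md are the obvious candidates) for inbound links to this heading and update them, or keep an explicit anchor under the old name. The `### (H) Use compromised package` heading in the `@@ -412` hunk is unchanged, so only (G) needs this check.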
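Review bot: the use-cases.md hunk also fixes the typo `repostory` in addition to the terminology change; it is worth mentioning that in the commit message so the change is not read as a purely mechanical rename. The unchanged context line `two person review` above it would read better hyphenated as `two-person review`, though that is outside this patch's scope.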