Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Level 3 input and output defences #922

Open
kclark-scottlogic opened this issue Sep 25, 2024 · 1 comment
Open

Level 3 input and output defences #922

kclark-scottlogic opened this issue Sep 25, 2024 · 1 comment
Labels
bug Something isn't working frontend Requires work on the frontend good first issue Simple issue

Comments

@kclark-scottlogic
Copy link
Contributor

kclark-scottlogic commented Sep 25, 2024
edited
Loading

In level 3. We have the configurable defenses. The hardcoded key words for input and output filtering don't actually relate to anything in level 3 so when these are turned on they are effectively useless.
@kclark-scottlogic kclark-scottlogic added bug Something isn't working frontend Requires work on the frontend good first issue Simple issue labels Sep 25, 2024
@chriswilty chriswilty removed the good first issue Simple issue label Oct 21, 2024
@chriswilty
Copy link
Member

For Level 3, I suggest lake- and water-related keywords, such as:

  • Input filtering: lake, loch, lochan, secret, source
  • Output filtering: secret

For Sandbox Level, we probably want something like this:

  • Input filtering: bonus, passphrase, password, redundant, redundancy, salary, wage
  • Output filtering: password, secret

Note that currently we have the same default defences for Level 3 and Sandbox, so these will need to be separated - see backend/src/defaultDefences.ts

@chriswilty chriswilty added the good first issue Simple issue label Oct 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working frontend Requires work on the frontend good first issue Simple issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@chriswilty @kclark-scottlogic