Filip/matrix-spec
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-spec synced 2026-04-17 08:34:11 +02:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Merge pull request #1082 from florianjacob/threatmodel-fixes

Browse source 
Minor fixes in threatmodel appendix
This commit is contained in:
Richard van der Hoff 2017-11-20 12:49:51 +00:00 committed by GitHub
parent 52dba5d89a a0455eb5b1
commit 78e6b768b5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
specification/appendices/threat_model.rst
View file

@ -65,7 +65,7 @@ making the chatroom unusable.
Threat: Banning users without necessary authorisation Threat: Banning users without necessary authorisation
+++++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++++++++++++++++++++++++++++++++
An attacker could attempt to ban a user from a chatroom with the necessary An attacker could attempt to ban a user from a chatroom without the necessary
authorisation. authorisation.
Spoofing Spoofing
@ -134,7 +134,7 @@ An attacker could try to convince servers within a chatroom to send messages to
a server it controls that was not authorised to be within the chatroom. a server it controls that was not authorised to be within the chatroom.
Threat: Disclosure to Servers Within Chatroom Threat: Disclosure to Servers Within Chatroom
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +++++++++++++++++++++++++++++++++++++++++++++
An attacker could take control of a server within a chatroom to expose message An attacker could take control of a server within a chatroom to expose message
contents or metadata for messages in that room. contents or metadata for messages in that room.