Merge pull request #1082 from florianjacob/threatmodel-fixes

Minor fixes in threatmodel appendix
pull/977/head
Richard van der Hoff 7 years ago committed by GitHub
commit 78e6b768b5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -65,7 +65,7 @@ making the chatroom unusable.
Threat: Banning users without necessary authorisation Threat: Banning users without necessary authorisation
+++++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++++++++++++++++++++++++++++++++
An attacker could attempt to ban a user from a chatroom with the necessary An attacker could attempt to ban a user from a chatroom without the necessary
authorisation. authorisation.
Spoofing Spoofing
@ -134,7 +134,7 @@ An attacker could try to convince servers within a chatroom to send messages to
a server it controls that was not authorised to be within the chatroom. a server it controls that was not authorised to be within the chatroom.
Threat: Disclosure to Servers Within Chatroom Threat: Disclosure to Servers Within Chatroom
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +++++++++++++++++++++++++++++++++++++++++++++
An attacker could take control of a server within a chatroom to expose message An attacker could take control of a server within a chatroom to expose message
contents or metadata for messages in that room. contents or metadata for messages in that room.

Loading…
Cancel
Save