# Security

## Scope

CBDD is an embedded data engine. Security controls are shared between the library and the host application that embeds it.

## Authentication And Authorization Model

- CBDD does not provide built-in user authentication.
- Authorization is enforced by the host process and filesystem permissions.
- Access to database files must be limited to trusted service identities.
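Because CBDD delegates authorization to the host process and the filesystem, the host is the place to verify, before opening a database, that the file is actually restricted to the intended service identity. The following is an added example of such a startup check (it is not part of CBDD and assumes a policy of "owner-only mode bits, expected owner uid, no symlinks"; the `.cbdd` file names and the `check_db_file_permissions` helper are constructed for illustration). The same check applies to any WAL or sidecar files the host knows about.

```python
import os
import stat
import tempfile


def check_db_file_permissions(path, allowed_uids=None):
    """Return a list of policy violations for one CBDD database file.

    Policy assumed by this example (not defined by CBDD itself):
      * the path is a regular file, not a symlink or device
      * the owner uid is in allowed_uids (default: the caller's effective uid)
      * no read, write or execute bits are set for group or others
    An empty list means the file passes. POSIX only (mode bits and uids).
    """
    if allowed_uids is None:
        allowed_uids = {os.geteuid()}
    problems = []
    try:
        st = os.lstat(path)  # lstat: inspect the link itself, never follow it
    except FileNotFoundError:
        return [f"{path}: does not exist"]

    if stat.S_ISLNK(st.st_mode):
        # A symlink could redirect the engine to a file outside the trusted location.
        return [f"{path}: is a symlink, refusing to follow it"]
    if not stat.S_ISREG(st.st_mode):
        problems.append(f"{path}: not a regular file")
    if st.st_uid not in allowed_uids:
        problems.append(
            f"{path}: owned by uid {st.st_uid}, expected one of {sorted(allowed_uids)}"
        )
    mode = stat.S_IMODE(st.st_mode)
    if mode & 0o077:  # any group/other bit set
        problems.append(f"{path}: mode {oct(mode)} grants group/other access")
    return problems


def demo():
    """Constructed example: two empty database files in a temporary directory.

    good.cbdd is locked down to the owner (0o600); bad.cbdd is world-readable
    (0o644). Returns the violation lists keyed by short name.
    """
    results = {}
    with tempfile.TemporaryDirectory() as workdir:
        good = os.path.join(workdir, "good.cbdd")
        bad = os.path.join(workdir, "bad.cbdd")
        for p in (good, bad):
            with open(p, "wb"):
                pass
        os.chmod(good, 0o600)
        os.chmod(bad, 0o644)
        results["good"] = check_db_file_permissions(good)
        results["bad"] = check_db_file_permissions(bad)
    return results


if __name__ == "__main__":
    for name, problems in demo().items():
        print(f"{name}: {'OK' if not problems else 'FAIL'}")
        for line in problems:
            print("  -", line)
```

A host would run `check_db_file_permissions` on each database path at startup and refuse to open the engine on any non-empty result, rather than relying on the deployment having set the modes correctly.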

## Data Classification And Handling

- Treat persisted database files as sensitive when they contain customer or regulated data.
- Do not store secrets in source, fixtures, or benchmark datasets.
- Apply environment-specific retention and backup controls outside this repository.

## Storage And Cryptography Controls

- CBDD enforces integrity through WAL and transactional semantics.
- Encryption at rest and key management are host responsibilities.
- If encryption is required, use filesystem or volume-level encryption managed by platform security controls.

## Secure Coding Expectations

1. Require code review for storage, WAL, indexing, query, and serialization changes.
2. Add targeted tests for all security-relevant behavior changes.
3. Run package vulnerability checks in the fitness pipeline.

## Incident Handling

- Follow [`runbook.md`](runbook.md) for incident triage and escalation.
- Label security-impacting issues with `security` and prioritize immediate containment.