docs: add threat model document #6676
Codecov Report
✅ All modified and coverable lines are covered by tests.
Additional details and impacted files
@@ Coverage Diff @@
## main #6676 +/- ##
==========================================
- Coverage 95.48% 94.78% -0.71%
==========================================
Files 370 374 +4
Lines 12160 12439 +279
Branches 2805 2841 +36
==========================================
+ Hits 11611 11790 +179
- Misses 549 649 +100
Hello! I have been working on a more general document related to the OpenTelemetry security model which is now publicly available over at open-telemetry/sig-security/pull/261. I would appreciate your feedback there, thanks!
Dipanshusinghh
left a comment
Thanks for putting this together, this is a really useful clarification of the threat model for js.
The separation of trusted vs untrusted elements is quite clear, especially around API inputs, exporters, and instrumentations. The DoS section and dependency handling also help in setting practical boundaries for vulnerability reporting.
This should help reduce ambiguity in future security discussions.
Happy to follow along with the discussion here.
Which problem is this PR solving?
We currently don't really define what is and what is not a vulnerability. Inspired by Node.js' SECURITY.md, this PR introduces a THREAT_MODEL.md as an extension of our security policy.
This PR is mainly intended to be a place of discussion for now, and I don't expect this to merge as-is.
I think it makes sense to generalize this in the future and have one Threat Model document for Language SIGs, since the challenges will be similar across all of them (the concepts of API/SDK and Instrumentations exist almost everywhere).
Disclosure of AI use: I used Claude Sonnet 4.6 to help me write that text from a bullet-point list that I've drafted.