docs: clarify security semantics of safeStorage (#42673)
* docs: clarify security semantics of safeStorage Co-authored-by: Samuel Attard <marshallofsound@electronjs.org> * Apply suggestions from code review Co-authored-by: Erick Zhao <erick@hotmail.ca> Co-authored-by: Samuel Attard <sam@electronjs.org> * Update safe-storage.md Co-authored-by: Samuel Attard <sam@electronjs.org> * Update safe-storage.md Co-authored-by: Samuel Attard <sam@electronjs.org> --------- Co-authored-by: trop[bot] <37223003+trop[bot]@users.noreply.github.com> Co-authored-by: Samuel Attard <marshallofsound@electronjs.org> Co-authored-by: Samuel Attard <sam@electronjs.org>
This commit is contained in:
parent
13be04d0bf
commit
f2666baeb7
1 changed files with 13 additions and 1 deletions
|
@ -4,7 +4,19 @@
|
||||||
|
|
||||||
Process: [Main](../glossary.md#main-process)
|
Process: [Main](../glossary.md#main-process)
|
||||||
|
|
||||||
This module protects data stored on disk from being accessed by other applications or users with full disk access.
|
This module adds extra protection to data being stored on disk by using OS-provided cryptography systems. Current
|
||||||
|
security semantics for each platform are outlined below.
|
||||||
|
|
||||||
|
* **macOS**: Encryption keys are stored for your app in [Keychain Access](https://support.apple.com/en-ca/guide/keychain-access/kyca1083/mac) in a way that prevents
|
||||||
|
other applications from loading them without user override. Therefore, content is protected from other users and other apps running in the same userspace.
|
||||||
|
* **Windows**: Encryption keys are generated via [DPAPI](https://learn.microsoft.com/en-us/windows/win32/api/dpapi/nf-dpapi-cryptprotectdata).
|
||||||
|
As per the Windows documentation: "Typically, only a user with the same logon credential as the user who encrypted the data can typically
|
||||||
|
decrypt the data". Therefore, content is protected from other users on the same machine, but not from other apps running in the
|
||||||
|
same userspace.
|
||||||
|
* **Linux**: Encryption keys are generated and stored in a secret store that varies depending on your window manager and system setup. Options currently supported are `kwallet`, `kwallet5`, `kwallet6` and `gnome-libsecret`, but more may be available in future versions of Electron. As such, the
|
||||||
|
security semantics of content protected via the `safeStorage` API vary between window managers and secret stores.
|
||||||
|
* Note that not all Linux setups have an available secret store. If no secret store is available, items stored in using the `safeStorage` API will be unprotected
|
||||||
|
as they are encrypted via hardcoded plaintext password. You can detect when this happens when `safeStorage.getSelectedStorageBackend()` returns `basic_text`.
|
||||||
|
|
||||||
Note that on Mac, access to the system Keychain is required and
|
Note that on Mac, access to the system Keychain is required and
|
||||||
these calls can block the current thread to collect user input.
|
these calls can block the current thread to collect user input.
|
||||||
|
|
Loading…
Reference in a new issue