CodeMirror/xpipe
1
0
Fork 0
mirror of https://github.com/xpipe-io/xpipe.git synced 2024-06-28 11:00:28 +12:00
Code Issues Packages Projects Releases Wiki Activity

Update readmes

Browse source
This commit is contained in:
crschnick 2023-08-10 16:40:48 +00:00
parent b7704b8013
commit 6666b5bd65
2 changed files with 29 additions and 56 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
README.md
View file

@ -6,11 +6,11 @@ XPipe is a new type of shell connection hub and remote file manager that allows
XPipe fully integrates with your tools such as your favourite text/code editors, terminals, shells, command-line tools and more. The platform is designed to be extensible, allowing anyone to add easily support for more tools or to implement custom functionality through a modular extension system.
The full feature set is currently supported for:
It currently supports:
- [Kubernetes](https://kubernetes.io/) clusters, pods, and containers
- [Docker](https://www.docker.com/) and [LXD](https://linuxcontainers.org/lxd/introduction/) container instances located on any host
- [SSH](https://www.ssh.com/academy/ssh/protocol) connections
- [Windows Subsystem for Linux](https://ubuntu.com/wsl) instances
- [Docker](https://www.docker.com/), [Podman](https://podman.io/), and [LXD](https://linuxcontainers.org/lxd/introduction/) container instances located on any host
- [SSH](https://www.ssh.com/academy/ssh/protocol) connections, config file connections, and tunnels
- [Windows Subsystem for Linux](https://ubuntu.com/wsl), [Cygwin](https://www.cygwin.com/), and [MSYS2](https://www.msys2.org/) instances
- [Powershell Remote Sessions](https://learn.microsoft.com/en-us/powershell/scripting/learn/remoting/running-remote-commands?view=powershell-7.3)
- Any other custom remote connection methods that work through the command-line
@ -83,6 +83,8 @@ You can also install XPipe by pasting the installation command into your termina
##### Linux / MacOS
The script supports installation via `apt`, `rpm`, and `pacman` on Linux, plus a `.pkg` install on macOS:
```
bash <(curl -sL https://raw.githubusercontent.com/xpipe-io/xpipe/master/get-xpipe.sh)
```
@ -93,13 +95,6 @@ bash <(curl -sL https://raw.githubusercontent.com/xpipe-io/xpipe/master/get-xpip
powershell -ExecutionPolicy Bypass -Command iwr "https://raw.githubusercontent.com/xpipe-io/xpipe/master/get-xpipe.ps1" -OutFile "$env:TEMP\get-xpipe.ps1" ";" "&" "$env:TEMP\get-xpipe.ps1"
```
### Notes for Bitdefender users
Right now, for some reason, only Bitdefender really does not like XPipe doing anything on your system.
It will instantly quarantine the application when it opens a shell *plus the system shells itself*,
so it can prevent you from opening any shell on your own afterward.
For more information, see the [security page](https://github.com/xpipe-io/xpipe/blob/master/SECURITY.md#antivirus-programs).
## Further information
For information about the security model of XPipe, see the [security page](/SECURITY.md).

68
SECURITY.md
View file

@ -57,71 +57,50 @@ The general approach of XPipe can be summarized as follows:
### Storage of sensitive information
All XPipe data is exclusively stored on your local machine at `~/.xpipe/storage`.
You can choose to change this storage location in the settings menu.
All XPipe data is exclusively stored on your local machine at `~/.xpipe/storage`. You can choose to change this storage location in the settings menu.
All sensitive information is encrypted when it is saved to disk on your local machine using AES
with either:
You have the option to either fetch any sensitive information like passwords from outside sources like prompts or password managers. In that case, XPipe doesn't have to store any of that information itself.
In case you choose to store passwords within XPipe, all sensitive information is encrypted when it is saved to disk on your local machine using AES with either:
- A custom master key that can be set by you in the settings menu
(This option is only as secure as the password you choose)
- A somewhat dynamically generated key (This option can be reverse
engineered though, there is no way of perfectly securing your data without any custom key)
It is also planned that you will be able to
source passwords and more directly from other external sources such as password managers in the future.
### Passing of sensitive information
When any kind of login information is required by a command-line program, it has to be passed to it somehow.
If the program runs on your local system, the data does not leave your local system.
If login information is required on a remote system, then that data must be transferred to that remote system.
When any kind of login information is required by a command-line program, it has to be passed to it somehow. If the program runs on your local system, the data does not leave your local system. If login information is required on a remote system, then that data must be transferred to that remote system.
In case a program accepts password input via stdin, this process is relatively straightforward.
Then the passed sensitive information is just written into the stdin of the program and does not show up in any history
or file system.
In case a program accepts password input via stdin, this process is relatively straightforward. Then the passed sensitive information is just written into the stdin of the program and does not show up in any history or file system.
When a program only accepts password input via an environment variable or an askpass program,
a self deleting password supplier script file is generated by XPipe.
This script contains the encrypted password and will supply
the password to the target program exactly once when invoked and immediately deletes itself afterwards.
When a program only accepts password input via an environment variable or an askpass program, a self deleting password supplier script file is generated by XPipe.
This script contains the encrypted password and will supply the password to the target program exactly once when invoked and immediately deletes itself afterward.
This behavior ensures that there is no leftover password script after an operation is performed.
As a secondary measure, for cases in which the calling program crashes
and is not able to execute the script and therefore doesn't delete the password script,
the generated script directory is also frequently cleaned.
As a result, no sensitive information of yours should show
up in any kind of shell history or on any file system.
As a secondary measure, for cases in which the calling program crashes and is not able to execute the script and therefore doesn't delete the password script, the generated script directory is also frequently cleaned.
As a result, no sensitive information of yours should show up in any kind of shell history or on any file system.
### The purpose of shell scripts
Whenever you open a remote connection in a terminal from XPipe, you will notice that your terminal shows
the name of a script located in your temp directory in the title bar to indicate that you're currently executing it.
The naming scheme of these scripts is usually something like `xpipe/exec-<id>.(bat|sh|ps1)`
This is intended as these scripts contain all commands that are required
to realize the functionality of connecting and initializing the shell environment.
These scripts do not contain any sensitive information,
you are free to inspect them yourselves in the temp directory.
Whenever you open a remote connection in a terminal from XPipe, your terminal sometimes shows the name of a script located in your temp directory in the title bar to indicate that you're currently executing it.
The naming scheme of these scripts is usually something like `exec-<id>.(bat|sh|ps1)`.
This is intended as these scripts contain all commands that are required to realize the functionality of connecting and initializing the shell environment.
These scripts do not contain any sensitive information, you are free to inspect them yourselves in the temp directory.
In case a script connects to a remote system and passes login information to a program via variables or askpass
programs,
it automatically becomes useless after being invoked once (See [above](#passing-of-sensitive-information)).
As the script is run immediately after it is created initially, e.g.
when using the `Open in terminal` functionality, it becomes useless pretty much
instantly so any attacker doesn't obtain any sensitive information from it.
programs, it automatically becomes useless after being invoked once (See [above](#passing-of-sensitive-information)).
As the script is run immediately after it is created initially, e.g. when using the `Open in terminal` functionality, it becomes useless pretty much instantly so any attacker doesn't obtain any sensitive information from it.
### Logging
By default, XPipe creates log files located in `~/.xpipe/logs`.
Under normal conditions these log files do not contain any sensitive information.
If you choose to alter the log level in the settings menu or launch XPipe in debug mode,
these log files will contain a lot more and finer grained information, some of which might be sensitive.
By default, XPipe creates log files located in `~/.xpipe/logs`. These log files do not contain any sensitive information.
If you choose to launch XPipe in debug mode, these logs are printed to the console instead and will contain a lot more and finer grained information, some of which might be sensitive.
### Issue reports
Whenever an error occurs within XPipe or you choose to open the error reporter dialog,
you have the option to automatically send an error report with optional feedback and attachments.
This error report does not contain any sensitive information unless
you explicitly choose to attach debug mode log files (See above).
Whenever an error occurs within XPipe or you choose to open the error reporter dialog, you have the option to automatically send an error report with optional feedback and attachments.
This error report does not contain any sensitive information, unless you explicitly choose to attach log files.
## Isolation of systems
@ -129,8 +108,7 @@ Any infected remote system should be isolated enough such that any infection can
### User isolation
All relevant files like configuration files and other required temporary files
are only accessible by the current user.
All relevant files like configuration files and other required temporary files are only accessible by the current user.
Any other user on a system can't read or write them unless they have root/Administrator privileges.
### Isolation of remote systems
@ -144,7 +122,7 @@ other information stored by XPipe that is not explicitly sent to that host.
## Antivirus programs
### Windows
### Windows Defender
It may occasionally happen that Windows Defender warns and
even sometimes deletes XPipe due to it identifying the application as malware.
@ -169,7 +147,7 @@ On macOS the application bundle is signed and notarized and will therefore not e
For macOS this process does not require a company to be
set up and also only costs 125$ per year and is therefore much easier to accomplish.
### Malware detection
### Windows antivirus programs
In some cases, it might occur that your antivirus program flags XPipe as malware.
This is due to the fact that XPipe launches shells and executes various commands in them,