Security: jlonapp/bods-bobi-migration-toolkit

Security Policy

Reporting Vulnerabilities

If you discover a security vulnerability in this toolkit, please report it privately rather than opening a public GitHub issue.

Use GitHub Security Advisories to file a private report.

Security Considerations When Using This Toolkit

This toolkit handles sensitive credentials by design — database passwords, BODS encryption passphrases, and CMS administrator credentials. Follow these practices:

Never Commit Secrets

The repository's .gitignore excludes .conf and .csv files (only .example versions are tracked). Verify before each commit:

git diff --cached | grep -iE "password|passphrase|secret|key" || echo "OK"

File Permissions

Restrict permissions on configs containing credentials:

chmod 600 config/*.conf
chmod 600 repolists/*.csv

Password Rotation

After completing a migration, rotate any passwords that were stored in config files during the operation. Treat the operator's filesystem as compromised material until rotation is complete.

Dump Files

Oracle Data Pump .dmp files contain raw schema data including hashed credentials. Treat them as sensitive:

chmod 600 output/*/central_repos_*.dmp
# After successful migration:
rm -f output/*/central_repos_*.dmp

LCMBIAR Files

.lcmbiar files exported by LCM CLI contain user accounts and security data. Handle them the same way as dump files.

Logs

Generated logs may include connection strings with masked passwords, but verify before sharing externally:

grep -iE "password=|passwd=|@.*:" output/*/*.log

Known Limitations

  • Shell scripts pass passwords on command lines (e.g., expdp system/<password>). On a multi-user host, other users may see them via ps. Run on dedicated migration hosts.
  • ATL files use a passphrase-based encryption scheme. The passphrase is stored in plaintext in repo CSVs. Restrict access accordingly.
  • LCM properties files contain CMS administrator passwords. They are auto-generated under output/*/lcm/ and inherit the umask of the running shell. Set a restrictive umask before running:
    umask 0077
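
The permission and umask checks above can be combined into one audit that is run before and after a migration. This is an added example, not part of the toolkit: the function names are hypothetical, the paths are the ones this policy names, and matching *.lcmbiar anywhere under the root is an assumption because the policy does not say where those files are written.

```shell
#!/bin/sh
# Added example (not toolkit code): audit credential-bearing files for
# group/other access and confirm the shell's umask before a run.

# Print files from the policy's sensitive paths that have any group or
# other permission bit set. Tracked *.example files are not matched.
loose_files() {
    root=${1:-.}
    root=${root%/}                      # tolerate a trailing slash
    find "$root" -type f \
        \( -path "$root/config/*.conf" \
        -o -path "$root/repolists/*.csv" \
        -o -path "$root/output/*/central_repos_*.dmp" \
        -o -path "$root/output/*/lcm/*" \
        -o -name '*.lcmbiar' \) \
        \( -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \)
}

# Return 0 if nothing is exposed; otherwise list the files and return 1.
audit_perms() {
    found=$(loose_files "${1:-.}")
    if [ -z "$found" ]; then
        return 0
    fi
    printf 'group/other access on:\n%s\n' "$found" >&2
    return 1
}

# Return 0 only if the umask strips every group/other bit (e.g. 0077),
# so files generated under output/*/lcm/ are created owner-only.
umask_is_private() {
    case $(umask) in
        *77) return 0 ;;
        *)   return 1 ;;
    esac
}

# Optional entry point: sh audit.sh --check [toolkit-root]
if [ "${1:-}" = "--check" ]; then
    audit_perms "${2:-.}" && umask_is_private || exit 1
fi
```

A non-zero exit from the --check entry point means either a listed file needs chmod 600 or the shell needs umask 0077 before the toolkit is run.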

Compliance Notes

This toolkit is provided as-is and has not been audited against any specific compliance framework. Users are responsible for ensuring their use complies with applicable regulations (GDPR, HIPAA, SOX, etc.) and their organization's information security policies.
