is_likely_id_string filter creates false negative in key scanning #608

Closed
maxamel opened this issue Sep 4, 2022 · 0 comments · Fixed by #612
Labels: false negatives, P3, selected

maxamel commented Sep 4, 2022

Hello,
The following filter creates a FN for us:

return re.compile(r'(^(id|myid|userid)|_id)s?[^a-z0-9]', re.IGNORECASE)

The scanned secret we have in Dockerfile:
ENV aws_access_key_id=AKIA4NACSIJMDDNSEDTE

The secret itself would correctly trigger the aws plugin but the is_likely_id_string causes it to be missed.
Perhaps at least some of the filters should be applied only in case a regex based detector hasn't detected a secret.
Otherwise, pretty obvious cases can be missed only because of the secret name.

lorenzodb1 added the false negatives, P3 and selected labels on Sep 16, 2022
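The false negative reported above, reproduced as an added example (not code from the issue or from the project): it applies the quoted filter regex to the Dockerfile line and compares filtering every hit with letting regex-based hits bypass the filter, as the reporter suggests. The two detector regexes, the model of how the filter inspects the text before the secret, and sample lines 2 and 3 are assumptions made for illustration.

```python
import re

# Filter regex exactly as quoted in the issue.
ID_REGEX = re.compile(r'(^(id|myid|userid)|_id)s?[^a-z0-9]', re.IGNORECASE)
# Assumption: simplified stand-in for a regex-based AWS access key ID detector.
AWS_KEY_REGEX = re.compile(r'AKIA[0-9A-Z]{16}')
# Assumption: stand-in for a generic detector (any long value after '=').
GENERIC_REGEX = re.compile(r'=([A-Za-z0-9+/]{16,})')

# Line 1 is from the issue; lines 2 and 3 are constructed sample input.
DOCKERFILE = [
    'ENV aws_access_key_id=AKIA4NACSIJMDDNSEDTE',
    'ENV user_id=3f9a1c7e5b2d4a6f8c0e',
    'ENV api_token=Zm9vYmFyYmF6cXV4MTIzNDU2',
]


def is_likely_id_string(secret, line):
    """Assumed filter model: an ID-like name appears before the secret."""
    index = line.find(secret)
    return index >= 0 and bool(ID_REGEX.search(line, 0, index))


def detect(line):
    """Yield (secret, found_by_regex_detector) candidates for one line."""
    specific = [m.group(0) for m in AWS_KEY_REGEX.finditer(line)]
    for secret in specific:
        yield secret, True
    for m in GENERIC_REGEX.finditer(line):
        if m.group(1) not in specific:
            yield m.group(1), False


def scan(lines, trust_regex_detectors):
    """Return (line_number, secret) findings that survive the ID filter."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        for secret, by_regex in detect(line):
            # Suggested behaviour: a specific regex hit is not vetoed by the key name.
            if by_regex and trust_regex_detectors:
                findings.append((lineno, secret))
            elif not is_likely_id_string(secret, line):
                findings.append((lineno, secret))
    return findings


if __name__ == '__main__':
    print('filter on every hit:  ', scan(DOCKERFILE, False))
    print('regex hits bypass it: ', scan(DOCKERFILE, True))
```

With the filter applied to every hit, only the `api_token` line is reported; the `user_id` value stays suppressed in both modes, so the filter keeps doing its job for generic detections.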