Description
Category: Bug
Severity: Medium
Expected behaviour (In case of bug)
The tutorial should give advice how to implement confidentiality in a secure way.
Actual/current behaviour (In case of bug)
The tutorial advises using Guards in order to securely hide confidential parts of the application from an unprivileged user.
Steps to reproduce (In case of bug)
(read the tutorial)
Description of issue / expected enhancement / Comments
https://github.com/devonfw/devonfw-tutorial-sources/wiki/angular-services on Guards:
We encourage to use Guards, because even if you hide the button to navigate, the user can modify the URL in the browser and have access to the component, with guards implemented, this navigation will be forbidden and your app not compromised.
IMHO even Guards cannot guarantee that a "forbidden part" is not compromised. If it is absolutely necessary to hide a part of the application from an (unprivileged) user, it is necessary to implement an authorization scheme on the server side along with dynamic loading of that part of the application [dynamic loading may already be the standard in Angular - I'm not familiar with Angular yet]. This will result in not being able to retrieve the http/JavaScript code that comprises the "forbidden" parts of the application.
Guarding can always be broken by an attacker by removing the Guard in the running code in the browser - which is under the total control of the user.
Of course, using Guards is the right way to hide parts of the app that should not be accessible. But the reason is usability ("I do not see any parts of the GUI that I am not allowed to use anyway"), not confidentiality ("I do not see any parts of the GUI that I must not get to know").
Your environment - Windows/Linux, Devonfw version, component
irrelevant
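The distinction the issue draws (a route guard as a usability aid versus server-side authorization as the actual confidentiality control) can be shown with a small framework-free model. The following is an added example, not code from the devonfw tutorial, from the issue author, or from Angular itself; `AdminGuard`, `AppRouter`, `FeatureServer`, the session tokens and the `ADMIN_CHUNK` string are all constructed, hypothetical names standing in for a `CanActivate` guard, the client router and the server that delivers a lazy-loaded module.

```typescript
// Added example: a client-side route guard next to a server-side
// authorization check for a lazily loaded feature. All names and
// sample sessions are constructed for illustration.

type Role = "user" | "admin";

interface Session {
  user: string;
  roles: Role[];
}

// --- Client side: a guard in the spirit of Angular's CanActivate. ---
// It executes in the browser, so it is under the user's control. It
// improves usability (no links to pages you cannot use) but it is not
// a confidentiality boundary.
class AdminGuard {
  constructor(private session: Session) {}
  canActivate(): boolean {
    return this.session.roles.includes("admin");
  }
}

class AppRouter {
  constructor(private guard: AdminGuard) {}
  // Returns the view that would be rendered for a navigation.
  navigate(path: string): string {
    if (path === "/admin") {
      return this.guard.canActivate() ? "admin-view" : "forbidden";
    }
    return "home";
  }
}

// --- Server side: the admin module is only ever sent to an authorized
// session, so an unprivileged browser never receives the code at all. ---
const ADMIN_CHUNK = "/* constructed stand-in for the compiled admin module */";

class FeatureServer {
  private sessions = new Map<string, Session>();

  constructor(entries: [string, Session][]) {
    for (const [token, session] of entries) this.sessions.set(token, session);
  }

  // HTTP-style result: 401 without a session, 403 without the role,
  // 200 with the module body for an admin session.
  serveChunk(token: string | undefined): { status: number; body: string } {
    const session = token ? this.sessions.get(token) : undefined;
    if (!session) return { status: 401, body: "" };
    if (!session.roles.includes("admin")) return { status: 403, body: "" };
    return { status: 200, body: ADMIN_CHUNK };
  }
}

// Constructed sample sessions.
const unprivileged: Session = { user: "alice", roles: ["user"] };
const admin: Session = { user: "bob", roles: ["user", "admin"] };

// In the normal flow the guard keeps the unprivileged user out of /admin.
function guardDeniesUnprivileged(): string {
  return new AppRouter(new AdminGuard(unprivileged)).navigate("/admin");
}

// The guard runs in the browser; whatever the browser runs, its user can
// edit. This is the point the issue makes about guards and confidentiality.
function guardReplacedInClient(): string {
  const guard = new AdminGuard(unprivileged);
  guard.canActivate = () => true;
  return new AppRouter(guard).navigate("/admin");
}

// The server does not care what the client-side guard decided: it
// authorizes each request against its own session store before sending
// the module. Returns the status each caller receives.
function serverDecides(): { anonymous: number; unprivileged: number; admin: number } {
  const server = new FeatureServer([["tok-alice", unprivileged], ["tok-bob", admin]]);
  return {
    anonymous: server.serveChunk(undefined).status,
    unprivileged: server.serveChunk("tok-alice").status,
    admin: server.serveChunk("tok-bob").status,
  };
}
```

Read together, the three functions make the issue's argument concrete: the guard alone decides the outcome of `guardDeniesUnprivileged` and `guardReplacedInClient`, while `serverDecides` is unaffected by anything done to the client, which is why the authorization check and the delivery of the confidential module belong on the server.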