CabraghMan Posted March 28, 2021 Share Posted March 28, 2021 Me too - I have just upgraded to 9 and then discovered this new setup. Now off to restore to V8. Link to comment Share on other sites More sharing options...
Martin W. Posted March 29, 2021 Share Posted March 29, 2021 On 3/19/2021 at 2:46 AM, support said: Hi Guys, We appreciate the feedback. The Pen Testing company do not believe this architecture is insecure, but if there is enough interest, we can consider other options. So we can take this feedback to management, can you please outline why you believe this is a security regression? Is your concern you may have an elevated administrative breach on your web server where this is being hosted? Regards Click Studios Certainly that's the main problem. The instance that we use in our data center has very strict network policies for in and outbound directions. Only a handful of servers with similar security precautions have access to the server at all (e.g. Ansible Tower) and definitely not a normal webserver, because they would build a bridge between the Internet and Passwordstate, similar the new App Server would do. Of course you can say that is a safe bridge with strong gatekeepers on both sides (firewall, crypto and so on), but at the end, it's a bridge that didn't exist before. And I only have the approval for a security concept without such way of communications. Link to comment Share on other sites More sharing options...
support Posted March 29, 2021 Share Posted March 29, 2021 Hi Guys, We will work on bringing back the old architecture as an option - it just means we will need to support two code basis ongoing. Please give us some time to work on this. Regards Click Studios Link to comment Share on other sites More sharing options...
support Posted April 14, 2021 Share Posted April 14, 2021 Hello everyone, Just letting you know we've just released build 9112, and have added back the Push/Pull version of the Self Destruct Message feature. This is an option, and you need to select this option on the Self Destruct tab on the System Settings screen in the Administration area. Regards Click Studios Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.