This document outlines the security model, known vulnerabilities, and security practices for Manta.
Manta implements multiple layers of security:
- Input Validation: All user inputs are validated through JSON schema
- Sandboxing: Shell commands run with restricted permissions
- Allowlists: Explicit allowlists for paths and commands
- Rate Limiting: Per-user request throttling
- Authentication: Pairing codes for new users
- Crate: rsa v0.9.10
- Severity: Medium (5.9)
- Issue: Potential key recovery through timing sidechannels
- Status: No fixed upgrade available (upstream dependency via sqlx-mysql)
- Impact: Manta uses SQLite, not MySQL, so this vulnerability is not exploitable in Manta deployments
- Mitigation: We don't use RSA for cryptographic operations in Manta
- Crate: sqlx v0.7.4
- Severity: High
- Issue: Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts
- Status: Upgrade to >=0.8.1 required
- Impact: Affects SQLite protocol handling
- Mitigation: We recommend:
  - Regular database backups
  - Input validation on all database queries
  - Monitoring for unusual database behavior
The following dependencies are unmaintained but don't have known security vulnerabilities:
- paste (RUSTSEC-2024-0436) - Used by sqlx-core
- proc-macro-error (RUSTSEC-2024-0370) - Used by teloxide
- rustls-pemfile v1.0.4 (RUSTSEC-2025-0134) - Used by reqwest
These are transitive dependencies and will be updated when upstream crates release updates.
Manta's SecurityValidator detects and blocks path traversal attempts:
Blocked patterns:
- "../" - Directory traversal
- "..\\" - Windows traversal
- "~/.." - Home directory escape
- "/.." - Root escape
- "%2e%2e%2f" - URL-encoded traversal
- "%252e%252e%252f" - Double URL-encoded
- "//" - Double slash

The following characters are blocked in shell commands:
- `;` - Command separator
- `&` - Background process
- `|` - Pipe
- `$` - Variable substitution
- `` ` `` - Command substitution
- `$(` - Command substitution
- `${` - Variable expansion
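The pattern and character lists above, written out as a Rust check, together with a lexical containment test for a path allowlist. This is an added example, not Manta's SecurityValidator: the function names, the `/srv/manta` root and the sample inputs are assumptions made for illustration.

```rust
// Added illustration, not Manta's SecurityValidator; all names are hypothetical.
use std::path::{Component, Path, PathBuf};

/// Traversal patterns listed on this page.
const BLOCKED_PATH_PATTERNS: [&str; 7] =
    ["../", "..\\", "~/..", "/..", "%2e%2e%2f", "%252e%252e%252f", "//"];
/// Shell metacharacters listed on this page ('$' also covers "$(" and "${").
const BLOCKED_SHELL_CHARS: [char; 5] = [';', '&', '|', '$', '`'];

/// First blocked pattern found in `path`, if any. Lowercasing first means
/// "%2E%2E%2F" is caught as well as "%2e%2e%2f".
pub fn blocked_path_pattern(path: &str) -> Option<&'static str> {
    let lower = path.to_ascii_lowercase();
    BLOCKED_PATH_PATTERNS.iter().copied().find(|p| lower.contains(*p))
}

/// First blocked shell metacharacter in `cmd`, if any.
pub fn blocked_shell_char(cmd: &str) -> Option<char> {
    cmd.chars().find(|c| BLOCKED_SHELL_CHARS.contains(c))
}

/// Allowlist check (assumed design): resolve `candidate` lexically and require
/// the result to stay under `root`. No filesystem access, so symlinks are not followed.
pub fn resolves_under(root: &str, candidate: &str) -> bool {
    let mut out = PathBuf::from(root);
    let floor = out.components().count();
    for c in Path::new(candidate).components() {
        match c {
            Component::Normal(seg) => out.push(seg),
            Component::CurDir => {}
            Component::ParentDir => {
                if out.components().count() <= floor { return false; }
                out.pop();
            }
            // Absolute paths and Windows drive prefixes are rejected outright.
            Component::RootDir | Component::Prefix(_) => return false,
        }
    }
    out.starts_with(root)
}

fn main() {
    // Constructed sample inputs.
    for p in ["notes/todo.txt", "docs/../secret", "%2E%2E%2Fetc"] {
        println!("{p:?}: pattern={:?} under_root={}", blocked_path_pattern(p), resolves_under("/srv/manta", p));
    }
    println!("{:?}", blocked_shell_char("ls; cat notes.txt"));
}
```

The containment test works on the path text only, so it complements the pattern check rather than replacing it.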
Sensitive configuration should use environment variables:

```yaml
provider:
  api_key: "${OPENAI_API_KEY}" # Never hardcode secrets
```

Default sandbox settings:

```yaml
security:
  sandbox:
    enabled: true
    allowed_commands: ["ls", "cat", "grep", "curl"]
    forbidden_paths: ["/etc/passwd", "~/.ssh/*"]
    timeout_seconds: 30
```

- All HTTP clients use `rustls-tls` (native Rust TLS, not OpenSSL)
- Certificate validation is enabled by default
- No option to disable TLS verification in production
Web tools support domain allowlisting/blocklisting:

```yaml
tools:
  web:
    blocked_domains: ["localhost", "127.0.0.1", "10.*", "192.168.*"]
```

- Run as non-root user

  ```
  useradd -r -s /bin/false manta
  ```

- Use read-only filesystem where possible

  ```
  --read-only --tmpfs /tmp
  ```

- Limit network access
  - Only expose necessary ports
  - Use internal networks for database connections

- Enable rate limiting

  ```yaml
  security:
    rate_limits:
      requests_per_minute: 30
  ```

- Never commit secrets to version control
- Use environment variables or secret management systems
- Rotate API keys regularly
- Use different keys for different environments
Monitor for:
- Unusual API request patterns
- Path traversal attempts in logs
- Rate limit violations
- Failed authentication attempts
Before deploying Manta:
- Changed default API keys
- Configured allowlists appropriately
- Enabled sandbox mode
- Set up rate limiting
- Configured log rotation
- Running as non-root user
- Firewall rules configured
- Regular backups scheduled
- Monitoring alerts configured
If you discover a security vulnerability:
- DO NOT open a public issue
- Email security concerns to: security@example.com
- Include:
- Description of the vulnerability
- Steps to reproduce
- Possible impact
- Suggested fix (if any)
We will respond within 48 hours and work on a fix.
- Critical vulnerabilities: Fix within 7 days
- High severity: Fix within 30 days
- Medium/Low severity: Fix in next scheduled release
- Dependency updates: Monthly review
| Date | Auditor | Scope | Results |
|---|---|---|---|
| 2024-03 | cargo-audit | Dependencies | 2 vulnerabilities, 3 unmaintained |