Flusk can detect data leaks for any data type that you have designated as sensitive or that you have not reviewed at all in the "Database Sensitivity" checklist. If we detect a data leak, you will receive an alert for this issue.
Please note that the accuracy of this issue is dependent on the inputs you provided in the "Database Sensitivity" checklist. Therefore, it's important to carefully review and update this checklist as needed to ensure that all sensitive data is properly identified and protected.
Currently, our Privacy Rules Checker accesses your database as an unlogged user, which means it follows the Privacy Rules defined for non-logged-in users. We are actively working on adding support for per-role sensitivity, which will allow our tool to look for data leaks based on user roles.
Solution
To address this issue, we recommend defining proper Privacy Rules and ensuring that each role is only able to access the data they need. You can define Privacy Rules by navigating to "Data > Privacy" in your Bubble editor.
Then, it is up to you to create the right rules for each case of consultation or modification of the data.
Edge Cases
Data Leaks can be quite hard to resolve, that's why we'll cover a few edge cases here that happens more often you could think.
Conditionals that are always true
It happens that some data leaks because there is a conception problem in your Privacy Rules conditions. Let's take the example of an Invoice
Data Type, linked to a Company
.
Here is our example database with their fields:
Invoice
Invoiced Company
Invoice File
Invoice Amount
User
Company
First Name
Email
Company
Users
Name
If we want to set up a Privacy Rule for the Invoice
Data Type to make sure only authorized users can see their Invoices, here's what we would instantly set up. We would make sure that This Invoice's Invoiced Company equals tu Current User's Company
. Right?
But what if for some reason, some invoices in your database are not linked to a Company? Aka, This Invoice's Invoiced Company (X) is empty
?
If I perform a database request as a non-logged in User, I will have no Company linked to my User. Therefore, I'll be able to match and find all the Companies that are also not linked to an invoice, because false equals false. The Invoice doesn't have a Company linked, and my User also.
To escape this edge case, you just need to make sure that This Invoice's Invoiced Company is not empty
. This is what our rule looks like now:
Data Leaks only appears on one version of my app
If the Data Leak issue only happens on one specific version of your app (test or live), it could come from 2 sources:
The Privacy Rules are not the same between development and live versions of your app. In this case, you need to push your app live in order to synchronize the versions and make the test version the live one.
It could be that some data is present on the live version, but not on the test one. If you have an empty database on your test version, Flusk can't detect any data leak and won't count this as an issue.
My issue is still not resolved. What can I do?
If after that your Data Leak issue is still not resolved, we still have a few solutions for you:
You might want to run a new security test from your Flusk dashboard.
To verify the data and have a visual overview of the data leaking from your app, we suggest running a Privacy Rules Checker test.
If you still can't find the solution to your problem, you can duplicate your app (including database content) and open the Data API to perfectly see the leaking data and troubleshoot easier.
Additional Resources
Here are some additional to help you define proper Privacy Rules: