Update Hassio with security options #2067

Merged
bramkragten merged 5 commits into home-assistant:dev from bramkragten:hassio
Nov 20, 2018

bramkragten commented Nov 18, 2018

Fixes #1710 (except the upload snapshot)

(screenshots)

Unavailable addon:
(screenshots)


frenck commented Nov 18, 2018

🎉 I'm really thankful that you are doing this @bramkragten! 👍

Added a suggestion above in a comment. Since a user actually disables the protection mode (which is on by default). -> nvm.

Some other small remarks:

  • Maybe move down the red block right under the add-on header block.
  • I like the badges, although, the average user might have no clue on what they mean. Maybe add some descriptions on hover? (Not sure what is possible in our UI).

@cogneato

This looks great! Does the security rating go with the addon or does it change depending on whether the protection mode is enabled/disabled?


frenck commented Nov 18, 2018

Current:
"Protection mode is disabled, this addon can do things that can damage your system. Only use this if you know and trust the source of this addon."

Suggestion:
"Protection mode on this addon is disabled! This gives the add-on full access to the entire system, which adds security risks, and could damage your system when used incorrectly. Only disable the protection mode if you know, need AND trust the source of this addon."

I think the latter explains it a little more and adds the security risk to it as well.

</div>
<div class="security">
<h3>Security</h3>
<ha-label-badge

Description:

Addon Security Rating

Hass.io provides a security rating to each of the add-ons, which indicates the risks involved when using this add-on. The more access an addon requires on your system, the lower the score, thus raising the possible security risks.

A score is on a scale from 1 to 6. Where 1 is the lowest score (considered the most insecure and highest risk) and a score of 6 is the highest score (considered the most secure and lowest risk).


I wonder if all badges should link to a help article with all the extended info

></ha-label-badge>
</template>
<template is="dom-if" if="[[addon.homeassistant_api]]">
<ha-label-badge

Description:

Home Assistant API Access

This add-on is allowed to access your running Home Assistant instance directly via the Home Assistant API. This mode handles authentication for the addon as well, which enables an addon to interact with Home Assistant without the need for additional authentication tokens.

></ha-label-badge>
</template>
<template is="dom-if" if="[[addon.full_access]]">
<ha-label-badge

Badge description:

Full Hardware Access

This addon is given full access to the hardware of your system, by request of the addon author. Access is comparable to the privileged mode in Docker. Since this opens up possible security risks, this feature impacts the addon security score negatively.

This level of access is not granted automatically and needs to be confirmed by you. To do this, you need to disable the protection mode on the addon manually. Only disable the protection mode if you know, need AND trust the source of this addon.

description=""
></ha-label-badge>
</template>
<template is="dom-if" if="[[addon.hassio_api]]">
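Review bot: `description=""` on the `ha-label-badge` that closes just before the `addon.hassio_api` template is an empty string, so the badge ships without any explanatory text. Either fill it with the user-facing wording or drop the attribute until that wording is settled, so an empty description is not mistaken for a finished one.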

Description of badge:

Hass.io API Access

The addon was given access to the Hass.io API, by request of the addon author. By default, the addon can access general version information of your system. When the addon requests "manager" or "admin" level access to the API, it will gain access to control multiple parts of your Hass.io system. This permission is indicated by this badge and will impact the security score of the addon negatively.

description=""
></ha-label-badge>
</template>
<template is="dom-if" if="[[addon.docker_api]]">

Description of badge:

Full Docker Access

The addon author has requested the addon to have management access to the Docker instance running on your system. This mode gives the addon full access and control to your entire Hass.io system, which adds security risks, and could damage your system when misused. Therefore, this feature impacts the addon security score negatively.

This level of access is not granted automatically and needs to be confirmed by you. To do this, you need to disable the protection mode on the addon manually. Only disable the protection mode if you know, need AND trust the source of this addon.

></ha-label-badge>
</template>
<template is="dom-if" if="[[addon.host_pid]]">
<ha-label-badge

Badge description:

Host Processes Namespace

Usually, the processes the addon runs, are isolated from all other system processes. The addon author has requested the addon to have access to the system processes running on the host system instance, and allow the addon to spawn processes on the host system as well. This mode gives the addon full access and control to your entire Hass.io system, which adds security risks, and could damage your system when misused. Therefore, this feature impacts the addon security score negatively.

This level of access is not granted automatically and needs to be confirmed by you. To do this, you need to disable the protection mode on the addon manually. Only disable the protection mode if you know, need AND trust the source of this addon.


frenck commented Nov 18, 2018

> This looks great! Does the security rating go with the addon or does it change depending on whether the protection mode is enabled/disabled?

@cogneato That is not determined by the frontend, but by Hass.io. See: https://github.com/home-assistant/hassio/blob/master/hassio/addons/utils.py#L17


frenck commented Nov 18, 2018

@bramkragten Missing in this list (IMHO):

  • apparmor. This option also affects the security rating.
  • auth_api. When enabled, the add-on is allowed to authenticate users against Home Assistant (for allowing login with your Home Assistant accounts on add-ons).


frenck commented Nov 18, 2018

AppArmor

AppArmor ("Application Armor") is a Linux kernel security module that restricts addons' capabilities like network access, raw socket access, and permission to read, write, or execute specific files.

Addon authors can provide their security profiles, optimized for the addon, or request it to be disabled. If AppArmor is disabled, it will raise security risks and therefore, has a negative impact on the security score of the addon.


frenck commented Nov 18, 2018

Home Assistant Authentication

An addon can authenticate users against Home Assistant, allowing add-ons to give users the possibility to log into applications running inside add-ons, using their Home Assistant username/password. This badge indicates if the add-on author requests this capability.
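The badge descriptions proposed in the review comments above imply a simple audit rule: some grants only take effect once protection mode is off, others apply as soon as the add-on requests them. The following is an added example, not code from this PR or from Hass.io; the flag names are the ones named in the thread, while `protected`, `rating`, `slug` and the `apparmor` value `"disable"` are assumed field names and values.

```javascript
// Added example, not code from the PR. Flag names are the ones named in the
// thread; `protected`, `rating`, `slug` and apparmor === "disable" are assumed.

// Grants the thread says need protection mode switched off by the user.
const GATED = {
  full_access: "Full Hardware Access",
  docker_api: "Full Docker Access",
  host_pid: "Host Processes Namespace",
};
// Grants described without that extra confirmation step.
const UNGATED = {
  homeassistant_api: "Home Assistant API Access",
  hassio_api: "Hass.io API Access",
  auth_api: "Home Assistant Authentication",
};

function auditAddon(addon) {
  const unprotected = addon.protected === false;
  const findings = [];
  for (const [flag, label] of Object.entries(GATED)) {
    // Requested by the author, but only effective once protection is off.
    if (addon[flag]) findings.push({ label, state: unprotected ? "active" : "requested" });
  }
  for (const [flag, label] of Object.entries(UNGATED)) {
    if (addon[flag]) findings.push({ label, state: "active" });
  }
  if (addon.apparmor === "disable") findings.push({ label: "AppArmor disabled", state: "active" });
  // The thread defines the score as 1 (highest risk) to 6 (lowest risk).
  const r = addon.rating;
  const rating = Number.isInteger(r) && r >= 1 && r <= 6 ? r : null;
  const needsReview = unprotected && Object.keys(GATED).some((flag) => Boolean(addon[flag]));
  return { slug: addon.slug, rating, needsReview, findings };
}

// Review queue: add-ons with live host-level grants first, then lowest score.
function triage(addons) {
  return addons
    .map(auditAddon)
    .sort((a, b) => (b.needsReview - a.needsReview) || ((a.rating ?? 0) - (b.rating ?? 0)));
}

// Constructed sample data, not real add-ons.
const SAMPLE = [
  { slug: "a", rating: 6, protected: true, homeassistant_api: true },
  { slug: "b", rating: 1, protected: false, docker_api: true, host_pid: true, apparmor: "disable" },
  { slug: "c", rating: 2, protected: true, full_access: true, hassio_api: true },
];
console.log(JSON.stringify(triage(SAMPLE), null, 2));
```

An add-on whose rating is missing or outside 1 to 6 is reported with `rating: null` and sorts ahead of rated add-ons in its group.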


tjorim commented Nov 18, 2018

This is already looking very nice.

I agree with Frenck to move the warning banner down, between the header and config blocks.
Furthermore, I don't think hover is the best way to show such explanation about the badges, could we use a modal?

Edit: with modal I meant a dialog like how the changelog for an add-on is currently shown.

One last thing that I think is important when speaking about the whole security aspect of add-ons: which folders can they access (config, share, ssl...) and is it either read-only or R/W.

Also, could you provide a screenshot on how non-available add-ons are shown in the store?


pvizeli commented Nov 18, 2018

I love it! Thanks @frenck for the comments 👍


balloob commented Nov 19, 2018

lol we need a designer so badly 😉 It feels like a mishmash of data thrown into a single card. I won't block this PR on it but we should think about it after this is merged. Maybe split in 2 cards: info + config/control.

Inspiration for a card based UI with a lot of info is the Play Store: https://play.google.com/store/apps/details?id=com.google.android.gm


balloob left a comment


Code looks fine.

Added more info modal and moved the security components.
ghost assigned bramkragten Nov 19, 2018

frenck commented Nov 19, 2018

I totally agree with the design part @balloob...
Given the "general hass.io panel design" reaction/option by @bramkragten given on the AMS meetup, I'm sure he agrees.

(PS: that google store example.... ❤️ So much information in there... If we could show, size of the add-on, the author, the last date updated....)

This is a pretty big step forward (from a functional perspective), so thanks @bramkragten 👍

bramkragten merged commit 773711a into home-assistant:dev Nov 20, 2018
ghost removed the in progress label Nov 20, 2018
bramkragten deleted the hassio branch November 20, 2018 12:51
github-actions bot locked and limited conversation to collaborators Jul 7, 2022

Successfully merging this pull request may close these issues.

RFC: Hass.io UI

7 participants