Add a new Leakage Sink
Leakage sinks are the places where personal data should not go in the plain text format. Privado currently supports log sinks. There may be a use case for adding support for file types, sockets, IO streams, caches, etc. You can review existing leakage sinks under
List of fields for defining a leakage:
It is unique identifier for the data leakage. It has format “Leakages“ + leakage type name ( without spaces and special characters ) Example: For file system, you will have “Leakages.FileSystem”
It is name of the data leakage. Example: File System
It is an array of regex patterns for the data leakage. This regex will be used to search method names and to further check if data elements are going to the identified methods. Matching methods with data flows will be tagged for this data leakage. Example: Mark specific method from a known class class name:
It’s an object of key-value pairs. This is useful to group and filter data leakages. Example: you can tag applicable laws for the data leakages.
High level key is
sinkswhich is an array of leakages. Once the leakage object is defined, we can add it to the array of
For a new type of leakage, you can create a new file with the leakage name ( all small case, replace space with
_) in directory
rules/sinks/leakagesand add the details to it.
Once the new leakage is added, Privado will detect and track data flows to this leakage sinks.