Closed Bug 1365675 Opened 7 years ago Closed 7 years ago

Start a security audit communication

Categories

(Socorro :: Symbols, task)

Product:
Socorro
Component:
Symbols
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: peterbe, Assigned: u581815)

References

Details

Tecken [0] is soon going into production. 

What does it take to sign this off security-wise?


[0] https://github.com/mozilla-services/tecken
Greg, 
Can you own this bug and lead with whatever it takes to check that tecken is secure enough to go to production?
Flags: needinfo?(gguthe)
+1 I opened a bugs 

to schedule a risk assessment: https://bugzilla.mozilla.org/show_bug.cgi?id=1365673 
for code review: https://github.com/mozilla-services/foxsec/issues/317
and I'll check with my team about infrastructure review.
Assignee: nobody → gguthe
Status: NEW → ASSIGNED
Flags: needinfo?(gguthe)
I didn't find anything that would block deploying to prod in code review and the old RRA still applies.

We'll run a quick RRA update for the new functionality when its design is ready, but in the meantime it's feature flagged defaulting to disabled.
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.