Closed Bug 658098 Opened 11 years ago Closed 11 years ago

Security review for new PHP component of TBPL


( :: Security Assurance: Applications, task)

Not set


(Not tracked)



(Reporter: jgriffin, Assigned: rforbes)



(Whiteboard: [completed secreview])

> A quick intro to what this app does.

This component interfaces with an ElasticSearch database, and reads/writes 
orange comments for TBPL. The ES db is inside the firewall, however, this 
PHP script has permissions to read/write from it, and the PHP script 
will be visible to the world.

> Where is the source code located?

The source is not yet checked in, but it can be seen here:

> Is there a stage server running that we can also test against? If so, 
> please indicate what machine the web server is running on.

The code is running on a staging server here:

The staged version is running against a local instance of ES, not 
the production instance of ES, so any testing you do to it that results 
in garbage in the db is fine.

> Where would you like the bugs filed in bugzilla? Please specify 
> the product, component and if anyone specific should be copied 
> on the bugs.

Please use Webtools -> Tinderboxpushlog, cc:ing jgriffin and mstange.

> Please describe if this app will be connecting to any internal or external
> services or if it is able to interact with the OS.

It doesn't interact with the OS (except for logging), but does interact
with an internal instance of ElasticSearch (database).  It is able to 
read and write to the database with limitations; it can't delete data
or modify existing data, only add new data.

> Does this app support logins or multiple roles? If so, we'll need 
> test accounts created for each available role.

No logins or multiple roles.

> What is the worst case scenario that could happen with this system, 
> data or connected systems? (This is used to help understand the 
> criticality of this server.)

If the system went down, it would mean that developers could not star
oranges in TBPL, which would likely result in tree closures until
the problem was resolved.

> Does this website contain an administration page? If so, have the 
> admin page blockers (listed here) all been addressed?

No admin page.

> This review will be scheduled amongst other requested reviews. 
> What is the urgency or needed completion date of this review?

This is one of the last pieces needed for getting rid of tinderbox; 
I think the developers would like it finished in a timely manner, but
it's not a fire drill.
Whiteboard: [pending secreview]
Assignee: infrasec → rforbes
I've filed another TBPL security review request in bug 661365 for the other PHP changes that are waiting to be deployed. The starcomment.php file which this bug is about is also included in the repository in bug 661365, so you might want to combine these two security reviews.
closing this bug as a duplicate to bug 661365 as per comment 1.
Closed: 11 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 661365
Whiteboard: [pending secreview] → [completed secreview]
You need to log in before you can comment on or make changes to this bug.