Last Comment Bug 664696 - GCLI commands should be reviewed for security issues
: GCLI commands should be reviewed for security issues
Status: RESOLVED FIXED
[sg:audit][secr:dchan]
:
Product: Firefox
Classification: Client Software
Component: Developer Tools: Console (show other bugs)
: Trunk
: All All
: -- normal (vote)
: ---
Assigned To: David Chan [:dchan]
:
: Brian Grinstead [:bgrins]
Mentors:
https://etherpad.mozilla.org/gcli-sec...
Depends on: 664693
Blocks: GCLI-SHIP
  Show dependency treegraph
 
Reported: 2011-06-16 04:39 PDT by Joe Walker [:jwalker] (needinfo me or ping on irc)
Modified: 2012-08-15 08:25 PDT (History)
5 users (show)
dveditz: sec‑review+
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments

Description Joe Walker [:jwalker] (needinfo me or ping on irc) 2011-06-16 04:39:35 PDT
From security review: "have mrbkap review implementations, especially ones that explicitly wrap or unwrap"
Comment 1 Joe Walker [:jwalker] (needinfo me or ping on irc) 2011-06-16 04:43:23 PDT
mrbkap - the code for this review isn't written yet, so feel free to relax for a while :)
Comment 2 Joe Walker [:jwalker] (needinfo me or ping on irc) 2011-11-18 09:58:35 PST
Moving GCLI bugs to Developer Tools: Console. Filter on 'baked beans are off'.
Comment 4 Joe Walker [:jwalker] (needinfo me or ping on irc) 2011-11-30 02:30:19 PST
Have you guys had a chance to look over the docs yet? I'd like to schedule a security review if one is needed. Thanks.
Comment 5 Curtis Koenig [:curtisk-use curtis.koenig+bzATgmail.com]] 2011-11-30 07:13:38 PST
dchan is assigned to look at this, if he sees the need for a meeting he will let you/me know.
Comment 6 Joe Walker [:jwalker] (needinfo me or ping on irc) 2011-11-30 09:47:02 PST
(In reply to Curtis Koenig [:curtisk] from comment #5)
> dchan is assigned to look at this, if he sees the need for a meeting he will
> let you/me know.

So I'm going to assume that we're good unless you contact me.
Thanks.
Comment 7 David Chan [:dchan] 2011-12-07 17:22:44 PST
Commented in the wrong bug. The security review is complete. Thanks Joe!

See bug #664693 for full comment.

Joe: Your concern about screenshot is answered in there.
Comment 8 Joe Walker [:jwalker] (needinfo me or ping on irc) 2011-12-08 05:07:23 PST
Thanks for the review.

Anyone opposed to me closing this bug? I'll assume that I should remove the sec-review-needed whiteboard tag too?

Note You need to log in before you can comment on or make changes to this bug.