GCLI commands should be reviewed for security issues

RESOLVED FIXED

Status

()

Firefox
Developer Tools: Console
RESOLVED FIXED
6 years ago
5 years ago

People

(Reporter: jwalker, Assigned: dchan)

Tracking

Trunk
Points:
---
Dependency tree / graph
Bug Flags:
sec-review +

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [sg:audit][secr:dchan], URL)

From security review: "have mrbkap review implementations, especially ones that explicitly wrap or unwrap"
Blocks: 659059
Whiteboard: [sg:audit]
mrbkap - the code for this review isn't written yet, so feel free to relax for a while :)
Blocks: 675923
No longer blocks: 659059
Whiteboard: [sg:audit] → [sg:audit][minotaur]
Assignee: nobody → jwalker
Depends on: 664693
Keywords: sec-review-needed
No longer depends on: 664693
Depends on: 664693
Whiteboard: [sg:audit][minotaur] → [sg:audit]
Blocks: 689605
No longer blocks: 675923
Whiteboard: [sg:audit] → [sg:audit][secr:dchan]
Moving GCLI bugs to Developer Tools: Console. Filter on 'baked beans are off'.
Component: Developer Tools → Developer Tools: Console
Docs done:
  https://etherpad.mozilla.org/gcli-sec-review-2011
Or:
  https://github.com/joewalker/gcli/blob/secreview-664696/docs/review/security-review-2011.md
Have you guys had a chance to look over the docs yet? I'd like to schedule a security review if one is needed. Thanks.
dchan is assigned to look at this, if he sees the need for a meeting he will let you/me know.
(In reply to Curtis Koenig [:curtisk] from comment #5)
> dchan is assigned to look at this, if he sees the need for a meeting he will
> let you/me know.

So I'm going to assume that we're good unless you contact me.
Thanks.
Assignee: jwalker → dchan+bugzilla
(Assignee)

Comment 7

6 years ago
Commented in the wrong bug. The security review is complete. Thanks Joe!

See bug #664693 for full comment.

Joe: Your concern about screenshot is answered in there.
Thanks for the review.

Anyone opposed to me closing this bug? I'll assume that I should remove the sec-review-needed whiteboard tag too?
Keywords: sec-review-needed → sec-review-complete
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
Flags: sec-review+
You need to log in before you can comment on or make changes to this bug.