Closed
Bug 685199
Opened 14 years ago
Closed 13 years ago
need mozilla security review of Case Conductor
Categories
(Mozilla QA Graveyard :: MozTrap, enhancement)
Mozilla QA Graveyard
MozTrap
Tracking
(Not tracked)
VERIFIED
DUPLICATE
of bug 731749
People
(Reporter: camd, Unassigned)
Details
Mozilla has an internal security team for web projects. Case Conductor needs this review at some point.
|
Reporter | |
Comment 1•14 years ago
|
||
A Pivotal Tracker story has been created for this Bug: http://www.pivotaltracker.com/story/show/17978937
|
|
Reporter | |
Comment 2•14 years ago
|
||
Cameron Dawson added a comment in Pivotal Tracker:
here are some of Mozilla's security coding guidelines: https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines
|
|
Reporter | |
Comment 3•14 years ago
|
||
Cameron Dawson added a comment in Pivotal Tracker:
Here is the form to request the review: https://wiki.mozilla.org/WebAppSec/Security_Review_Request
|
|
Reporter | |
Comment 4•14 years ago
|
||
Cameron Dawson added a comment in Pivotal Tracker:
Apparently using Django is a great way to make the security review faster and easier. Yay for us! :) However, the mix with the platform may be a difference from that. Dunno. I'll let the experts do the work on that.
|
|
Reporter | |
Comment 5•14 years ago
|
||
Carl Meyer added a comment in Pivotal Tracker:
I already knew about the coding guidelines, and I think we already follow almost all of them. (I even wrote a popular open-source Django app to check your project's compliance with some of the guidelines!)
Anyway, I'll double-check when we get to this story, before we request the review.
|
|
Reporter | |
Comment 6•14 years ago
|
||
Cameron Dawson added a comment in Pivotal Tracker:
Carl, you're 27 kinds of awesome! :)
|
|
Reporter | |
Comment 7•13 years ago
|
||
Cameron Dawson added a comment in Pivotal Tracker:
OK, created new infrasec review in this bug: https://bugzilla.mozilla.org/show_bug.cgi?id=731749
|
|
Reporter | |
Comment 8•13 years ago
|
||
Carl Meyer added a comment in Pivotal Tracker:
Cam - I'd also be interested in getting CCed on any new Bugzilla bugs they file against Case Conductor as part of this review. I'm guessing you were thinking that you'd catch them in Bugzilla and add them to PT and I'd see them there? But I'm thinking they may file some bugs due to a misunderstanding of something, and I might be able to address it with a comment in Bugzilla without ever needing to get to PT. Is it ok with you if I comment on that bug requesting they CC me as well?
|
|
Reporter | |
Comment 9•13 years ago
|
||
Cameron Dawson added a comment in Pivotal Tracker:
Oh, of course! Absolutely. Sorry, just an oversight on my part.
|
||
Comment 10•13 years ago
|
||
Is this a dupe of bug 731749 (secreview for Case Conductor, take 2), or is this separate?
If it is separate, please set the sec-review-needed keyword (and privacy-review-needed if applicable).
|
|
Reporter | |
Updated•13 years ago
|
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → DUPLICATE
|
|
Reporter | |
Comment 12•13 years ago
|
||
Cameron Dawson changed story state to accepted in Pivotal Tracker
|
||
Updated•6 years ago
|
Product: Mozilla QA → Mozilla QA Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•