Closed Bug 706184 Opened 11 years ago Closed 11 years ago

TellUsMore: Security review

Categories

(mozilla.org :: Security Assurance: Review Request, task)

x86
macOS
task
Not set
normal

Tracking

(Not tracked)

VERIFIED FIXED

People

(Reporter: cmore, Assigned: mgoodwin)

References

Details

(Whiteboard: [completed secreview])

We are going to need a security review of the TellUsMore extension of Input due to automatic account creation in Bugzilla. TellUsMore will land in either late Q4 2011 or Q1 2012 (more likely).
Whiteboard: [sec review]
Whiteboard: [sec review] → [pending secreview]
Blocks: 705700
Whiteboard: [pending secreview] → [pending secreview][secr:adamm]
1. Who is/are the point of contact(s) for this review?
2. Please provide a short description of the feature / application (e.g. problem solved, use cases, etc.):
3. Please provide links to additional information (e.g. feature page, wiki) if available and not yet included in feature description:
4. Does this request block another bug? If so, please indicate the bug number
5. This review will be scheduled amongst other requested reviews. What is the urgency or needed completion date of this review?
6. To help prioritize this work request, does this project support a goal specifically listed on this quarter's goal list?  If so, which goal?
7. Please answer the following few questions: (Note: If you are asked to describe anything, 1-2 sentences shall suffice.)
7a. Does this feature or code change affect Firefox, Thunderbird or any product or service the Mozilla ships to end users?
7b. Are there any portions of the project that interact with 3rd party services?
7c. Will your application/service collect user data? If so, please describe 
8. If you feel something is missing here or you would like to provide other kind of feedback, feel free to do so here (no limits on size):
9. Desired Date of review (if known from https://mail.mozilla.com/home/ckoenig@mozilla.com/Security%20Review.html) and whom to invite.
Component: General → Security Assurance: Review Needed
Product: Input → mozilla.org
QA Contact: general → security-assurance
Whiteboard: [pending secreview][secr:adamm] → [pending secreview][needs info]
Version: unspecified → other
i'll answer what i can..

> 1. Who is/are the point of contact(s) for this review?

involved parties are :aakashd (pm), :nigelb (input dev), :glob (bugzilla dev)

> 2. Please provide a short description of the feature / application (e.g.
> problem solved, use cases, etc.):

The primary purpose of Tell Us More will be to supplement the sad feedback form with an option for users to submit a bug report into Mozilla bug tracking system and allow our community of triagers to move the bug through its life cycle properly. 

> 3. Please provide links to additional information (e.g. feature page, wiki)
> if available and not yet included in feature description:

input:
https://wiki.mozilla.org/Firefox/TellUsMore
https://github.com/mozilla/input.mozilla.org/pull/40

bugzilla:
https://wiki.mozilla.org/BMO/TellUsMore
http://bzr.mozilla.org/bmo/4.0-dev/files/head:/extensions/TellUsMore/

> 7a. Does this feature or code change affect Firefox, Thunderbird or any
> product or service the Mozilla ships to end users?

no

> 7b. Are there any portions of the project that interact with 3rd party
> services?

no

> 7c. Will your application/service collect user data? If so, please describe 

yes, email address for bugzilla account creation.
This is a dupe of a secreview already assigned to me; taking.
Assignee: nobody → mgoodwin
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → INVALID
Status: RESOLVED → REOPENED
Resolution: INVALID → ---
What glob said is all a-ok.
Whiteboard: [pending secreview][needs info] → [pending secreview][needs info][start mm/dd/yyyy][target mm/dd/yyyy]
Whiteboard: [pending secreview][needs info][start mm/dd/yyyy][target mm/dd/yyyy] → [pending secreview][needs info][start 05/04/2012][target 05/09/2012]
Depends on: 753234
Depends on: 754757
Whiteboard: [pending secreview][needs info][start 05/04/2012][target 05/09/2012] → [in-progress secreview][start 2012/05/04][target 2012/05/15]
Thanks
Status: REOPENED → RESOLVED
Closed: 11 years ago11 years ago
Resolution: --- → FIXED
Whiteboard: [in-progress secreview][start 2012/05/04][target 2012/05/15] → [completed secreview]
Thanks!
Status: RESOLVED → VERIFIED
Much obliged!
You need to log in before you can comment on or make changes to this bug.