Closed Bug 772939 Opened 13 years ago Closed 13 years ago

opsec review for rest-symbol-server webapp

Categories

(Security Assurance :: General, task)

Product:
Security Assurance
Component:
General
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INCOMPLETE

People

(Reporter: ted, Assigned: jstevensen)

References

(
URL
)

Details

This webapp got a security review from mgoodwin in bug 754837. I'd like to get it deployed soon, but I had a question about the exact deployment configuration, wound up talking to Joe, and he asked me to file a bug so we could hash everything out. You can read about the webapp in bug 754837. The main question here is: can we deploy this so that it has write access directly to the Breakpad/Socorro symbol store mount? The symbol store lives on pio-netapp-a.v74.phx.mozilla.com:/vol/pio_symbols . Currently we upload symbols from our builds using SCP to symbolpush.mozilla.org, which has that volume mounted via NFS. We have separate user accounts per product that gets uploaded, and each product has a separate directory on the mount. My plan would be to create a new user account for the webapp, and a separate directory for it to upload to.
Ted, Do you need anything from us on this bug? It looks like it just needs to be closed.
I believe you told me to file this originally. If you don't think there's anything to be done here then I'm happy to close it.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → INCOMPLETE
Component: Operations Security (OpSec): General → General
Product: mozilla.org → Enterprise Information Security
You need to log in before you can comment on or make changes to this bug.