Closed
Bug 773404
Opened 12 years ago
Closed 12 years ago
Security review for Identity KPI Dashboard
Categories
(mozilla.org :: Security Assurance: Review Request, task, P2)
mozilla.org
Security Assurance: Review Request
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: ozten, Assigned: rforbes)
References
(Blocks 1 open bug)
Details
(Whiteboard: [completed secreview][score:36])
> Who is/are the point of contact(s) for this review? development: nmalkin, jparsons project management, jokes: ozten > Please provide a short description of the feature / application (e.g. problem > solved, use cases, etc.): The KPI Dashboard is the second phase, after the KPI Backend project. This dashboard contains reports based on the backend data. They are secured behind VPN, so only employees can access them. > Please provide links to additional information (e.g. feature page, wiki) if > available and not yet included in feature description: Current site documentation is available at: https://wiki.mozilla.org/Identity/BrowserID/KPI_Dashboard > Does this request block another bug? If so, please indicate the bug number 773400 > This review will be scheduled amongst other requested reviews. What is the > urgency or needed completion date of this review? We'd like to ship to production while our intern is here, so we need the review by early August > To help prioritize this work request, does this project support a goal > specifically listed on this quarter's goal list? If so, which goal? Yes, optimizing the UX of Persona > Please answer the following few questions: (Note: If you are asked to describe > anything, 1-2 sentences shall suffice.) > Does this feature or code change affect Firefox, Thunderbird or any product > or service the Mozilla ships to end users? Nope. > Are there any portions of the project that interact with 3rd party services? > Will your application/service collect user data? If so, please describe Nope. > If you feel something is missing here or you would like to provide other kind of > feedback, feel free to do so here (no limits on size): > Desired Date of review (if known from https://mail.mozilla.com > /home/ckoenig@mozilla.com/Security%20Review.html) and whom to invite. The majority of privacy and security vetting happened on the backend, filing this bug for an incremental followup. It is a new Node.js web app for internal use only.
Reporter | ||
Comment 1•12 years ago
|
||
Codebase: https://github.com/nmalkin/kpi-dashboard
Updated•12 years ago
|
Keywords: sec-review-needed
Whiteboard: [pending secreview] → [pending secreview][triage needed 2012.07.18]
Risk/Priority Ranking Exercise https://wiki.mozilla.org/Security/RiskRatings Priority -4: P2 - Identity is a mozilla initiative Operational: 1 - minor User: 1 - minor Privacy: 1 - minor Engineering: 2 - normal Reputational: 3 - major Priority score - 36
Severity: normal → major
Priority: -- → P2
Whiteboard: [pending secreview][triage needed 2012.07.18] → [pending secreview][triage needed 2012.07.18][score:36]
Updated•12 years ago
|
Assignee: nobody → rforbes
Whiteboard: [pending secreview][triage needed 2012.07.18][score:36] → [pending secreview][score:36]
Assignee | ||
Comment 3•12 years ago
|
||
this was completed. everything looks good.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Assignee | ||
Updated•12 years ago
|
Status: RESOLVED → VERIFIED
Updated•12 years ago
|
Keywords: sec-review-complete
Whiteboard: [pending secreview][score:36] → [completed secreview][score:36]
Updated•12 years ago
|
Keywords: sec-review-complete
Comment 4•12 years ago
|
||
I think Curtis's most recent mail is saying that our reviews shouldn't be "VERIFIED" until all the dependent bugs are fixed. Moving back to RESOLVED.
Status: VERIFIED → RESOLVED
Closed: 12 years ago → 12 years ago
You need to log in
before you can comment on or make changes to this bug.
Description
•