Audit tca-portal
This is a pretty sensitive new script, which runs as root and receives commands from unprivileged users. I would like at least 1 security expert to look into it.
So I'm assigning to FT for now, to handle the communication part, which I suppose may look like this:
- briefly document the intended use and threat model here
- ask @jvoisin to audit
- @jvoisin audits
- follow-up on audit:
  - Follow-up on "Audit tca-portal" (!723 - merged)
  - safely get gnome_env_vars (!819 - merged)
  - stricter validation of SetTimeCommand: tca-portal: stricter validation (!846 - merged)
- @jvoisin audits again
- follow-up on audit: follow up again on tca audit: clarify comments (!860 - merged)
Blocked by Update "Tor network configuration" design doc (#18360 - closed)
Edited by intrigeri