Page MenuHomePhabricator

Aphlict security review
Closed, ResolvedPublic

Revisions and Commits

Event Timeline

csteipp created this task.Nov 14 2014, 11:53 PM
csteipp claimed this task.
csteipp raised the priority of this task from to Medium.
csteipp updated the task description. (Show Details)
csteipp added a project: MediaWiki-Core-Team.
csteipp changed Security from none to None.
csteipp added a subscriber: csteipp.
Qgil moved this task from To Triage to Ready to Go on the Phabricator board.Nov 27 2014, 11:55 AM
Qgil added a subscriber: Qgil.Jan 6 2015, 7:29 PM

There is ongoing work to get rid of Flash and use WebSockets. Should we resolve this task as Stalled in the meantime?

See https://secure.phabricator.com/T6559

csteipp changed the task status from Open to Stalled.Jan 7 2015, 6:22 PM
In T1286#957936, @Qgil wrote:

There is ongoing work to get rid of Flash and use WebSockets. Should we resolve this task as Stalled in the meantime?

See https://secure.phabricator.com/T6559

I think so.

Qgil added a comment.Jan 8 2015, 9:12 PM

https://secure.phabricator.com/T6559 has been resolved as Fixed. In principle, Aphlict has no dependency on Flash anymore.

Being Aphlict and dependencies fully open source now, does it still require a security review?

In T1286#964251, @Qgil wrote:

https://secure.phabricator.com/T6559 has been resolved as Fixed. In principle, Aphlict has no dependency on Flash anymore.

Being Aphlict and dependencies fully open source now, does it still require a security review?

I would still like to take a look at it. I'll start back in on it after CX.

I would still like to take a look at it. I'll start back in on it after CX.

@csteipp: What is CX, and more important: When is that? :)

I would still like to take a look at it. I'll start back in on it after CX.

@csteipp: What is CX, and more important: When is that? :)

Sorry, that was ContentTranslation, which is done. I'm working on a couple things, should get back to this next week.

epriestley closed this task as Resolved by committing Unknown Object (Diffusion Commit).Mar 4 2015, 8:24 AM
epriestley added a commit: Unknown Object (Diffusion Commit).
Qgil reopened this task as Open.Mar 4 2015, 8:34 AM

Accidental clash. Known issue. Reverting status.

csteipp moved this task from Incoming to Ready on the Security-Team board.May 4 2015, 10:28 PM
mmodell added a subscriber: mmodell.EditedMay 8 2015, 7:47 PM

@csteipp: the only challenge with the new incarnation of notifications, is that we need to proxy the websocket connection through our varnish and nginx reverse proxies (phab has two layers of proxies in front of it for horribly bad reasons I don't wanna talk about)

but the aplict server it's self is a fairly straightforward nodejs-based websocket thing.
https://secure.phabricator.com/book/phabricator/article/notifications/

Restricted Application added a subscriber: scfc. · View Herald TranscriptJun 12 2015, 9:03 PM

Is this still being blocked by upstream?

Upsteam did a nice refactor of everything, so no longer blocked on their use of flash. I found one potentially blocking bug in the new service, I need to get that verified and reported to them, then we should be ok to deploy. Sorry for the delay.

@Negative24: besides security review this is also blocked by ops: need to tunnel the websocket through two layers of reverse-proxy servers.

I found one potentially blocking bug in the new service, I need to get that verified and reported to them

@csteipp: Has that step happened? If yes: upstream task ID welcome.

Any vague timeframe for when this is scheduled?

As I said on email, it was scheduled for last week, then stuff happened.
Should be next week.

Ok, things look mostly ok as long as we take a couple of precautions running this in production:

  • Don't configure a logging file-- too much opportunity for DoS (arbitrary length messages from users are written into the log), and there might be some privacy impact since it logs remote ip + user ids.
  • Make sure the admin host remains 127.0.0.1 (default setting). Anyone with access to that port can be a very painful nuisance to other users.
greg added a subscriber: greg.Nov 18 2015, 12:01 AM

Thanks a ton, Chris!

greg added a comment.Nov 18 2015, 4:31 PM

@csteipp: I know you have your own workflow on some things, so should I not close this task as resolved and let you do it? :)

csteipp closed this task as Resolved.Nov 18 2015, 5:06 PM