Story #2661

Security audit

Added by Tim Pierce about 4 years ago. Updated about 1 year ago.

Status:
Closed
Priority:
Normal
Assigned To:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Story points:
-

History

#1 Updated by Tim Pierce about 4 years ago

  • Tracker changed from Bug to Story

Adding this story as a placeholder for performing a general security audit on Arvados infrastructure.

Some items that we want to prove and document we have covered, an incomplete list (please add to this)
  • URL path traversal attacks, e.g. GET /somevalidhash+size/../../../../etc/passwd

#2 Updated by Tom Clegg almost 4 years ago

  • Target version set to Arvados Future Sprints

#3 Updated by Tom Clegg about 1 year ago

  • Status changed from New to Closed

#4 Updated by Tom Clegg about 1 year ago

  • Target version deleted (Arvados Future Sprints)

Also available in: Atom PDF