Story #2661

Security audit

Added by Tim Pierce almost 3 years ago. Updated 15 days ago.

Status:ClosedStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:-
Target version:-
Story points-
Velocity based estimate-

History

#1 Updated by Tim Pierce almost 3 years ago

  • Tracker changed from Bug to Story

Adding this story as a placeholder for performing a general security audit on Arvados infrastructure.

Some items that we want to prove and document we have covered, an incomplete list (please add to this)
  • URL path traversal attacks, e.g. GET /somevalidhash+size/../../../../etc/passwd

#2 Updated by Tom Clegg over 2 years ago

  • Target version set to Arvados Future Sprints

#3 Updated by Tom Clegg 17 days ago

  • Status changed from New to Closed

#4 Updated by Tom Clegg 15 days ago

  • Target version deleted (Arvados Future Sprints)

Also available in: Atom PDF