1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-22 14:52:41 +01:00
No description
Find a file
epriestley 7145587df7 Lock down some config options
Summary:
This is just a general review of config options, to reduce the amount of damage a rogue administrator (without host access) can do. In particular:

  - Fix some typos.
  - Lock down some options which would potentially let a rogue administrator do something sketchy.
    - Most of the new locks relate to having them register a new service account, then redirect services to their account. This potentially allows them to read email.
    - Lock down some general disk stuff, which could be troublesome in combination with other vulnerabilities.

Test Plan:
  - Read through config options.
  - Tried to think about how to do evil things with each one.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8928
2014-05-01 10:23:49 -07:00
bin Write a very basic string extractor 2014-02-05 11:02:41 -08:00
conf Remove flavor text for action buttons 2014-04-18 17:51:46 -07:00
externals Generate QR codes for TOTP tokens 2014-05-01 10:23:11 -07:00
resources Require multiple auth factors to establish web sessions 2014-05-01 10:23:02 -07:00
scripts Install PHP mbstring extension on RHEL & friends 2014-04-14 14:59:27 -07:00
src Lock down some config options 2014-05-01 10:23:49 -07:00
support Disable rate limiting by default in general 2014-04-09 11:52:34 -07:00
webroot Change spacing, layout of ObjectItem states 2014-05-01 09:35:14 -07:00
.arcconfig Updated .arcconfig to match newer style configuration. 2014-02-25 07:48:30 -08:00
.editorconfig Specify config for text editors 2012-11-03 22:34:44 -07:00
.gitignore Rate limit requests by IP 2014-04-08 18:36:21 -07:00
LICENSE Delete license headers from files 2012-11-05 11:16:51 -08:00
NOTICE Increment year. 2013-01-03 05:45:08 -08:00
README Modernize README 2014-01-24 12:28:54 -08:00

Phabricator is an open source collection of web applications which help
software companies build better software.

Phabricator includes applications for:

  - reviewing and auditing source code;
  - hosting and browsing repositories;
  - assembling a party to venture forth;
  - tracking bugs;
  - hiding stuff from coworkers; and
  - also some other things.

You can learn more about the project (and find links to documentation and
resources) here:

  http://phabricator.org/

Phabricator is developed and maintained by Phacility. The first version of
Phabricator was originally built at Facebook.

LICENSE

Phabricator is released under the Apache 2.0 license except as otherwise noted.