mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-28 09:42:41 +01:00
7145587df7
Summary: This is just a general review of config options, to reduce the amount of damage a rogue administrator (without host access) can do. In particular: - Fix some typos. - Lock down some options which would potentially let a rogue administrator do something sketchy. - Most of the new locks relate to having them register a new service account, then redirect services to their account. This potentially allows them to read email. - Lock down some general disk stuff, which could be troublesome in combination with other vulnerabilities. Test Plan: - Read through config options. - Tried to think about how to do evil things with each one. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Differential Revision: https://secure.phabricator.com/D8928 |
||
---|---|---|
.. | ||
application | ||
conduit | ||
constants | ||
controller | ||
customfield | ||
daemon | ||
data | ||
editor | ||
engine | ||
management | ||
phid | ||
query | ||
response | ||
search | ||
storage | ||
worker | ||
PhabricatorRepositoryConfigOptions.php |