epriestley 7145587df7 Lock down some config options ... Summary: This is just a general review of config options, to reduce the amount of damage a rogue administrator (without host access) can do. In particular: - Fix some typos. - Lock down some options which would potentially let a rogue administrator do something sketchy. - Most of the new locks relate to having them register a new service account, then redirect services to their account. This potentially allows them to read email. - Lock down some general disk stuff, which could be troublesome in combination with other vulnerabilities. Test Plan: - Read through config options. - Tried to think about how to do evil things with each one. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Differential Revision: https://secure.phabricator.com/D8928		2014-05-01 10:23:49 -07:00
..
application	Add initial cut of PayPal and pay-once-at-checkout providers to Phortune	2013-05-06 11:44:24 -07:00
constants	General cleanup for adding payment methods in Phortune	2013-04-25 09:49:32 -07:00
control	Convert AphrontFormControl to safe HTML	2013-02-05 15:52:46 -08:00
controller	Provide convenience method addTextCrumb() to PhabricatorCrumbsView	2013-12-18 17:47:34 -08:00
currency	Added some additional assertion methods.	2014-03-08 19:16:21 -08:00
editor	Phortune v0.1: products	2013-03-28 09:13:07 -07:00
exception	Implement Balanced Payments as a PhortunePaymentProvider	2013-04-25 09:48:04 -07:00
option	Lock down some config options	2014-05-01 10:23:49 -07:00
provider	Added some additional assertion methods.	2014-03-08 19:16:21 -08:00
query	Lock policy queries to their applications	2013-10-21 17:20:27 -07:00
storage	Fix Phortune so it allows users to create their accounts implicitly	2013-12-12 11:19:03 +11:00
view	General cleanup for adding payment methods in Phortune	2013-04-25 09:49:32 -07:00