[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #3158 [Company]: Need a clearer policy about who gets ldap accounts

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #3158 [Company]: Need a clearer policy about who gets ldap accounts
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Fri, 13 May 2011 03:35:00 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 12 May 2011 23:35:18 -0400
In-reply-to: <044.360ee1ef20b4a6161c3642683117e816@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bugs reporting list for trac <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.360ee1ef20b4a6161c3642683117e816@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#3158: Need a clearer policy about who gets ldap accounts
---------------------+------------------------------------------------------
 Reporter:  arma     |          Owner:  phobos
     Type:  defect   |         Status:  new   
 Priority:  normal   |      Milestone:        
Component:  Company  |        Version:        
 Keywords:           |         Parent:        
   Points:           |   Actualpoints:        
---------------------+------------------------------------------------------

Comment(by rransom):

 I noticed when I received access to the Tor Git server that I had read
 access to the gitolite-admin repo, which contains the complete history of
 the list of all Git repos on git-rw.tpo and who has access to them.  (I
 confirmed that I had read access using âgit ls-remoteâ, not âgit cloneâ or
 any other command that would have actually retrieved the repository
 contents.)  If there is anything sensitive in there, we should restrict
 access to that repository before handing out LDAP accounts and Git access
 to people we know less well.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3158#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #3158 [Company]: Need a clearer policy about who gets ldap accounts
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #3158 [Company]: Need a clearer policy about who gets ldap accounts
Next by Author: Re: [tor-bugs] #3156 [Tor Client]: Tor does not find .onion sites when manually setting pc clock
Previous by thread: Re: [tor-bugs] #3158 [Company]: Need a clearer policy about who gets ldap accounts
Next by thread: Re: [tor-bugs] #3158 [Company]: Need a clearer policy about who gets ldap accounts
Index(es):
- Author
- Thread