Page MenuHomePhabricator
Create Task
Maniphest T4868

The case of the Security project
Closed, DuplicatePublic
Actions

Description

Let's define the case of the Security project mentioned at T390 and T3820. The strong case for this feature are open source projects, who don't have the luxury of operating in an intranet accessed by users covered by NDAs. Because open source projects are really open, they really need private areas to handle sensitive information.

The following use cases are extracted from Wikimedia's Bugzilla workflow for security issues. I'm calling the project and team "Security", but the same would be applied to other areas like i.e. procurement.

  • A Security product only visible to the Security team (supported in Phabricator)
  • A task created for the Security project could not bypass the project policies, e.g. nobody can create accidentally a task for the Security project that is "Visible to all".
  • When a task reported elsewhere is moved to the Security project, the reporter and anyone CCed still can see this specific task without joining the Security team, they can post comments, and they will keep receiving the related notifications.
    • In Bugzilla you can only choose one product for a task, maybe in Phabricator we wouldn't talk about "moving" but about "adding" and "removing" the Security project to a task.
  • When a task is solved, it is moved out from the Security project to wherever appropriate, becoming visible to all users.
  • "A handful of times each year, someone reports private data as part of a security bug (IP addresses, etc). We need to be able to make those specific comments invisible, or be able to delete them", our Security expert says. The data should not be visible in some diff either. Since these are rare situations, if developing a UI for this would be expensive, a hackish-backend solution would be fine.

Related use cases that would allow us to solve more problems:

  • Members of the Security team can add manually other users in CC, to give them access to a specific task in the Security project, allowing them to receive notifications as well (supported, I guess).
  • Registered and non-registered users can report tasks for the Security project via email.
  • Registered and non-registered users can comment to tasks for the Security project via email, after receiving the email address from the Security team.

Related Objects
Search...

StatusAssignedTask
 DuplicateNoneT7869 Support CircleCI webhooks for Test results (so that one can run unit tests asynchronously)
 ResolvedepriestleyT9456 Evaluate upstream support for third-party build systems
 ResolvedepriestleyT9123 Build Phabricator in Harbormaster (v2)
 ResolvedepriestleyT2543 Add a formal "Draft" / "Not Yet Ready for Review" state to Differential
Restricted Maniphest Task
 ResolvedepriestleyT1315 Phacility Launch Status
 ResolvedepriestleyT2795 Phacility (Mid Priority)
 ResolvedchadT2637 Unbeta Pholio
 ResolvedchadT2636 It's difficult to know an inline comment didn't post/save in Pholio
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
 OpenNoneT3612 Lightbox v2
Restricted Maniphest Task
 OpenNoneT11332 Present Pholio inline comments in a lightbox
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
 DuplicateNoneT2644 Make Pholio work better on mobile
Restricted Maniphest Task
 ResolvedchadT1960 Breadcrumbs or similar UI-navigation for getting back to the ticket overview
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
 ResolvedNoneT1026 Request: ability to select line range for comment via touchscreen
Restricted Maniphest Task
Restricted Maniphest Task
 ResolvedhsbT1895 Disable live previews
Restricted Maniphest Task
Restricted Maniphest Task
 ResolvedepriestleyT4767 Autoclose and "Fixes/Ref" are too difficult for users to debug
 ResolvedepriestleyT5644 Add controls to prevent `pygmentize` from saturating system resources
 ResolvedepriestleyT5179 Unearth Differential rendering technical debt
 ResolvedjoshuaspenceT1751 Consider ways to improve revert handling
 ResolvedepriestleyT2542 Provide a link from revisions that are blamees to their blamers
 ResolvedbtrahanT3189 [feature request] Tag commits
Restricted Maniphest Task
 ResolvedbtrahanT5875 "Close Revision" and "Merge Task" interactions should be real transactions, not comments
Restricted Maniphest Task
 DuplicateepriestleyT5654 Show more context for inline comments in Differential timeline
 ResolvedepriestleyT2009 Refactor DifferentialChangesetParser to support 1-up views and sanity
Restricted Maniphest Task
 WontfixepriestleyT5742 Add commentor column to "Revision Update History" table
Restricted Maniphest Task
 ResolvedepriestleyT7358 When Replying to an Inline Comment, provide original context in email?
 ResolvedepriestleyT1460 Add "Done" link to an inline comment
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
 DuplicateNoneT3959 feed attributes all diff edits to diff owner
 ResolvedepriestleyT2222 Implement ApplicationTransactions in Differential
Restricted Maniphest Task
 ResolvedepriestleyT4264 Implement Repo/Project Herald rules to provide a middle ground between personal and global rules
 ResolvedepriestleyT5595 Allow all applications to filter results by project
 ResolvedepriestleyT2628 Add project tags to Pholio, Ponder, Differential, and other applications
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
 DuplicateNoneT4868 The case of the Security project
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
Restricted Maniphest Task
 DuplicateNoneT4893 Restricting the access levels of all tasks under a specific project

Event Timeline

qgil created this task.Apr 22 2014, 9:48 PM
qgil raised the priority of this task from to Normal.
qgil updated the task description. (Show Details)
qgil added a project: Policy.
qgil added subscribers: epriestley, chad, btrahan and 8 others.
qgil edited this Maniphest Task.Apr 22 2014, 9:48 PM
qgil edited this Maniphest Task.Apr 24 2014, 5:06 AM
qgil edited this Maniphest Task.
qgil updated the task description. (Show Details)Apr 24 2014, 5:08 AM
qgil edited this Maniphest Task.Apr 24 2014, 5:34 AM
qgil raised the priority of this task from Normal to Needs Triage.Apr 24 2014, 5:34 AM
chad added a project: Wikimedia.Apr 29 2014, 10:26 PM
qgil moved this task to Feedback welcome on the Wikimedia board.Apr 30 2014, 3:12 PM
epriestley added a comment.May 6 2014, 3:20 AM

I think this mostly maps to T3820, as per T4893#12

The email stuff is a bit special, but easy in a world where T3820 exists and works properly.

"A handful of times each year, someone reports private data as part of a security bug (IP addresses, etc). We need to be able to make those specific comments invisible, or be able to delete them", our Security expert says. The data should not be visible in some diff either. Since these are rare situations, if developing a UI for this would be expensive, a hackish-backend solution would be fine.

I think the stuff in T4909 covers this now.

qgil moved this task from Feedback welcome to Potential blockers on the Wikimedia board.May 6 2014, 2:47 PM
qgil added a comment.EditedMay 7 2014, 4:02 PM

Ok, I will merge this to T3820 in order to keep the discussion in one place.

qgil closed this task as a duplicate.May 7 2014, 4:03 PM

✘ Merged into T3820.

epriestley closed subtask Restricted Maniphest Task as Wontfix.Aug 6 2014, 9:00 PM
Phabricator · Built by Phacility