Paths

Table of Contentst

Differential D20159

Raise a setup warning when locked configuration has a configuration value stored in the database
ClosedPublic
Actions

Authored by epriestley on Feb 13 2019, 2:45 PM.

Tags

None

Referenced Files

	F19037455: D20159.id.diff
	Nov 25 2025, 11:35 PM

	F19031336: D20159.diff
	Nov 25 2025, 12:07 AM

	F18851935: D20159.id.diff
	Oct 31 2025, 5:28 AM

	F18836982: D20159.id.diff
	Oct 27 2025, 4:05 AM

	F18814810: D20159.id.diff
	Oct 20 2025, 11:58 PM

	F18810618: D20159.diff
	Oct 19 2025, 10:35 PM

	F18809735: D20159.id48146.diff
	Oct 19 2025, 4:27 PM

	F18808979: D20159.id48138.diff
	Oct 19 2025, 10:12 AM

Subscribers

None

Details

Reviewers

Maniphest Tasks

T13249: 2019 Week 7 - 10 Bonus Content

Commits

rPeb73cb68ff5b: Raise a setup warning when locked configuration has a configuration value…

Summary

Ref T13249. See https://discourse.phabricator-community.org/t/configuring-the-number-of-taskmaster-daemons/2394/.

Today, when a configuration value is "locked", we prevent writes to the database. However, we still perform reads. When you upgrade, we generally don't want a bunch of your configuration to change by surprise.

Some day, I'd like to stop reading locked configuration from the database. This would defuse an escalation where an attacker finds a way to write to locked configuration despite safeguards, e.g. through SQL injection or policy bypass. Today, they could write to cluster.mailers or similar and substantially escalate access. A better behavior would be to ignore database values for cluster.mailers and other locked config, so that these impermissible writes have no effect.

Doing this today would break a lot of installs, but we can warn them about it now and then make the change at a later date.

Test Plan

Forced a phd.taskmasters config value into the database.
Saw setup warning.
Used bin/config delete --database phd.taskmasters to clear the warning.
Reviewed documentation changes.
Reviewed phd.taskmasters documentation adjustment.

Diff Detail

Repository

Branch

config1

Lint

Lint Passed

Unit

Tests Passed

Build Status

Buildable 21982
Build 30023: Run Core Tests
Build 30022: arc lint + arc unit

Event Timeline

epriestley created this revision.Feb 13 2019, 2:45 PM

epriestley mentioned this in T13249: 2019 Week 7 - 10 Bonus Content.Feb 13 2019, 2:46 PM

Harbormaster completed remote builds in B21982: Diff 48138.Feb 13 2019, 2:47 PM

epriestley requested review of this revision.Feb 13 2019, 2:47 PM

amckinley accepted this revision.Feb 13 2019, 6:45 PM

amckinley added inline comments.

src/applications/config/check/PhabricatorExtraConfigSetupCheck.php
158	"configuration option"

This revision is now accepted and ready to land.Feb 13 2019, 6:45 PM

Closed by commit rPeb73cb68ff5b: Raise a setup warning when locked configuration has a configuration value… (authored by epriestley). · Explain WhyFeb 13 2019, 8:27 PM

This revision was automatically updated to reflect the committed changes.

epriestley added inline comments.Feb 13 2019, 8:28 PM

src/applications/config/check/PhabricatorExtraConfigSetupCheck.php
158	🕶

Revision Contents
Changeset List

Path

Size

src/

applications/

config/

check/

PhabricatorExtraConfigSetupCheck.php

101 lines

option/

PhabricatorPHDConfigOptions.php

7 lines

docs/

user/

configuration/

configuration_locked.diviner

49 lines

Diff 48138

src/applications/config/check/PhabricatorExtraConfigSetupCheck.php

Loading...

src/applications/config/option/PhabricatorPHDConfigOptions.php

Loading...

src/docs/user/configuration/configuration_locked.diviner

Loading...