archive/phabricator
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity
7,247 Commits 6 Branches 0 Tags
7145587df7fb43fb269cb0fc0dd942fdd91ce914
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
epriestley 7145587df7 Lock down some config options 
Summary:
This is just a general review of config options, to reduce the amount of damage a rogue administrator (without host access) can do. In particular:

  - Fix some typos.
  - Lock down some options which would potentially let a rogue administrator do something sketchy.
    - Most of the new locks relate to having them register a new service account, then redirect services to their account. This potentially allows them to read email.
    - Lock down some general disk stuff, which could be troublesome in combination with other vulnerabilities.

Test Plan:
  - Read through config options.
  - Tried to think about how to do evil things with each one.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8928
2014-05-01 10:23:49 -07:00
bin
Write a very basic string extractor
2014-02-05 11:02:41 -08:00
conf
Remove flavor text for action buttons
2014-04-18 17:51:46 -07:00
externals
Generate QR codes for TOTP tokens
2014-05-01 10:23:11 -07:00
resources
Require multiple auth factors to establish web sessions
2014-05-01 10:23:02 -07:00
scripts
Install PHP mbstring extension on RHEL & friends
2014-04-14 14:59:27 -07:00
src
Lock down some config options
2014-05-01 10:23:49 -07:00
support
Disable rate limiting by default in general
2014-04-09 11:52:34 -07:00
webroot
Change spacing, layout of ObjectItem states
2014-05-01 09:35:14 -07:00
.arcconfig
Updated .arcconfig to match newer style configuration.
2014-02-25 07:48:30 -08:00
.editorconfig
Specify config for text editors
2012-11-03 22:34:44 -07:00
.gitignore
Rate limit requests by IP
2014-04-08 18:36:21 -07:00
LICENSE
Delete license headers from files
2012-11-05 11:16:51 -08:00
NOTICE
Increment year.
2013-01-03 05:45:08 -08:00
README
Modernize README
2014-01-24 12:28:54 -08:00

README 

Phabricator is an open source collection of web applications which help
software companies build better software.

Phabricator includes applications for:

  - reviewing and auditing source code;
  - hosting and browsing repositories;
  - assembling a party to venture forth;
  - tracking bugs;
  - hiding stuff from coworkers; and
  - also some other things.

You can learn more about the project (and find links to documentation and
resources) here:

  http://phabricator.org/

Phabricator is developed and maintained by Phacility. The first version of
Phabricator was originally built at Facebook.

LICENSE

Phabricator is released under the Apache 2.0 license except as otherwise noted.
Description
Phabricator
Readme 105 MiB
Languages
PHP 93.4%
JavaScript 4.1%
CSS 2.4%