|
Be careful of dynamic assertions
Jeffrey Walton <noloader@...>
Hi Everyone,
Thanks for the service. I really like the idea of a mini Security Architecture document so projects can discuss their governance, policies and procedures. I've written a lot of them over they years and I know they are helpful. I recently added Crypto++ to CII. Also see https://bestpractices.coreinfrastructure.org/en/projects/3806. Under "Dynamic code analysis", one of the recommendations is: It is SUGGESTED that the software produced by the project include many run-time assertions... As a C/C++/ObjC developer when I see "run-time assertions" I think of Posix assert (https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/assert.h.html). Runtime assertions in production software could be bad for several reasons. Let me preface it with: runtime assertions are not dangerous at development time. At development time they aide the programmer by snapping the debugger. Asserts create self-debugging code in this instance. I embrace asserts at development time. Runtime assertions are not dangerous to some software in production, like music players and video players. An assert may annoy a user, but the app is not handling sensitive information so it is just another UI bug. However, high integrity software must be careful of assertions in production. Here are the reasons given for Crypto++ in the CII report. <SNIP> The library never asserts in production for four reasons. First, it is the application's authors decision to crash their app. The library does not make policy decisions for the application author. Second, some platforms, like Apple iOS, do not allow asserts to crash an application because it degrades the UI experience. The library will not cause an author's app to be rejected from an App Store. Third, the library handles sensitive information like private keys, shared secrets and passwords. When an assert fires the core file will include the sensitive information. That means the sensitive information has been egressed outside the application's security boundary. Folks with access to the mobile device or a computer paired/sync'd with a mobile device will be able to recover the secrets from the filesystem. Fourth, the core file may be shipped to an Error Reporting Service. Now Apple, Google, Fedora, Red Hat, Ubuntu or Microsoft have the user's private keys, shared secrets and passwords. Then the information is passed onto the developer who has the user's private keys, shared secrets and passwords. Fifth, when an assert crashes a server, it (1) may preserve data Integrity at the expense of (2) Confidentiality of the data and (3) Availability of the server. If an author wishes to preserve Integrity, they merely need to call exit(1) without the loss of Confidentiality. </SNIP> In fact, when I was working as a Security Architect in US Financial (Bank of America and Morgan Stanley), we would reject vendor apps that used asserts in production. There was too much financial and reputational risk with using asserts. The firm did not want to pay a regulatory fine or suffer the reputational harm because customer SSNs were not handled properly. Also see "GMP and assert()" on LWN at https://lwn.net/Articles/780817/. It caused a shit storm when posted to OSS Security mailing list. Jeffrey Walton Baltimore, MD, US
|
|
|
|
FLOSS Weekly #550 was on the CII Best Practices Badge!
FYI: The CII Best Practices Badge was recently featured on “FLOSS Weekly” episode #550. You can watch my interview here: https://twit.tv/shows/floss-weekly/episodes/550
We got a “bump” in the number of participating projects in the last few days, and I suspect that is the cause. As always, you can see stats on project participation here: https://bestpractices.coreinfrastructure.org/en/project_stats
--- David A. Wheeler
|
|
|
|
Re: Add contributor to process?
Sure! To add an additional editor to a project, you’ll need to know the user id (an integer) of the user to add. Here’s how to then add that information.
First view the project: https://bestpractices.coreinfrastructure.org/en/projects/3038
Click on “edit”.
Search (e.g., using “control-F”) for “Additional rights”. You should find this field: (Advanced) What other users have additional rights to edit this badge entry? Currently:
If you click on “Details” it’ll explain that “If you want someone else to be able to edit this badge entry, and you already have edit rights to this project badge entry, you can additional users with edit rights. Just enter "+" followed by a comma-separated list of integer user ids. Those users will then also be allowed to edit this project entry.”
So enter “+NUMBER”, then save.
That’s it.
--- David A. Wheeler
From: Cii-badges-questions@... <Cii-badges-questions@...>
On Behalf Of Christina Keelan Cottrell
Sent: Wednesday, August 7, 2019 8:55 PM To: cii-badges-questions@... Cc: gabor.brs@... Subject: [Cii-badges-questions] Add contributor to process?
Hello,
I'm adding our project to CII Best Practices and I was wondering if I could add an additional contributor to help me complete the steps? He has been cc'd on this message.
Project Name: rethinkdb Project ID: 3038
Thank you! Christina
|
|
|
|
Add contributor to process?
Christina Keelan Cottrell <christinakeelan@...>
Hello, I'm adding our project to CII Best Practices and I was wondering if I could add an additional contributor to help me complete the steps? He has been cc'd on this message. Project Name: rethinkdb Project ID: 3038 Thank you! Christina
|
|
|
|
Re: How do we edit CII report for Jaeger?
Yuri Shkuro <ys@...>
great, thanks, I got the Edit button now.
On Wed, Feb 20, 2019 at 11:10 AM Juraci Paixão Kröhling <jpkroehling@...> wrote: Added: could you try again?
|
|
|
|
Re: How do we edit CII report for Jaeger?
Juraci Paixão Kröhling <jpkroehling@...>
Added: could you try again?
toggle quoted messageShow quoted text
- Juca.
On 2/20/19 4:59 PM, Yuri Shkuro wrote:
I have the account: https://bestpractices.coreinfrastructure.org/en/users/3394
|
|
|
|
Re: How do we edit CII report for Jaeger?
Yuri Shkuro <ys@...>
On Wed, Feb 20, 2019 at 10:13 AM Wheeler, David A <dwheeler@...> wrote: Don't add the *GitHub* id, add the id on the *BadgeApp*. Yuri will need to sign up (create an account) on the BadgeApp first, https://bestpractices.coreinfrastructure.org
|
|
|
|
Re: How do we edit CII report for Jaeger?
Juraci Paixão Kröhling <jpkroehling@...>
On 2/14/19 9:19 PM, Wheeler, David A wrote:
You're using GitHub for version control (<https://github.com/jaegertracing/jaeger>;), so anyone who can directly edit that project should also be able to edit the badge entry. I've been told that may not work in some cases, however.I think it did not work for Yuri. If that doesn't work, we have a mechanism that allows you to grant edit rights to anyone else. First have the other maintainers create an account on the CII badging project site (using GitHub or their own email address), and have them tell you their user id on the CII Best Practices site. Then you go to:Thanks! I added "+3523016" to the field, which should be Yuri's ID on GitHub. Yuri: could you check whether you can now edit the badge? - Juca.
|
|
|
|
Re: How do we edit CII report for Jaeger?
Don't add the *GitHub* id, add the id on the *BadgeApp*. Yuri will need to sign up (create an account) on the BadgeApp first, https://bestpractices.coreinfrastructure.org
toggle quoted messageShow quoted text
-----Original Message-----
From: Juraci Paixão Kröhling <jpkroehling@redhat.com> Sent: Wednesday, February 20, 2019 8:02 AM To: Yuri Shkuro <ys@uber.com> Cc: Wheeler, David A <dwheeler@ida.org>; cii-badges-questions@lists.coreinfrastructure.org; Dossett, Jason N <jdossett@ida.org> Subject: Re: [Cii-badges-questions] How do we edit CII report for Jaeger? On 2/14/19 9:19 PM, Wheeler, David A wrote: You're using GitHub for version control (<https://github.com/jaegertracing/jaeger>;), so anyone who can directly edit that project should also be able to edit the badge entry. I've been told that may not work in some cases, however.I think it did not work for Yuri. If that doesn't work, we have a mechanism that allows you to grant edit rights to anyone else. First have the other maintainers create an account on the CII badging project site (using GitHub or their own email address), and have them tell you their user id on the CII Best Practices site. Then you go to:Thanks! I added "+3523016" to the field, which should be Yuri's ID on GitHub. Yuri: could you check whether you can now edit the badge? - Juca.
|
|
|
|
Re: How do we edit CII report for Jaeger?
Juca: Absolutely!!
You're using GitHub for version control (<https://github.com/jaegertracing/jaeger>;), so anyone who can directly edit that project should also be able to edit the badge entry. I've been told that may not work in some cases, however. If that doesn't work, we have a mechanism that allows you to grant edit rights to anyone else. First have the other maintainers create an account on the CII badging project site (using GitHub or their own email address), and have them tell you their user id on the CII Best Practices site. Then you go to: https://bestpractices.coreinfrastructure.org/en/projects/1273/edit#additional_rights_changes You can click on "show details" for more information. Here's the key text: Just enter "+" followed by a comma-separated list of integer user ids. Those users will then also be allowed to edit this project entry. If you're the owner of the badge entry or a BadgeApp administrator, you can remove users from this list by entering "-" followed by a comma-separated list of integer user ids. We expect that normally only one person will edit a particular badge entry at a time. This application uses optimistic locking to prevent saving stale data if multiple users try to edit a badge entry simultaneously. If you have multiple editors, we recommend saving badge entry data incrementally and often (that is a wise practice anyway).I hope that helps!! --- David A. Wheeler -----Original Message----- From: Cii-badges-questions@lists.coreinfrastructure.org <Cii-badges-questions@lists.coreinfrastructure.org> On Behalf Of Juraci Paixão Kröhling Sent: Wednesday, February 13, 2019 11:37 AM To: cii-badges-questions@lists.coreinfrastructure.org Cc: Yuri Shkuro <ys@uber.com> Subject: Re: [Cii-badges-questions] How do we edit CII report for Jaeger? Hey there, I'm the "owner" of the Jaeger project in the CII badge program (project #1273) and I'm trying to find a way to give permissions to other maintainers to fill out the forms, but can't find how. Would you be able to help us? Best, Juca. On 2/13/19 4:15 PM, Yuri Shkuro wrote: No I didn't see an edit button. It's not urgent. CNCF TOC is discussing whether higher rank badges are required for graduation.On Feb 13, 2019, at 3:35 AM, Juraci Paixão Kröhling <jpkroehling@redhat.com> wrote:
|
|
|
|
Re: How do we edit CII report for Jaeger?
Juraci Paixão Kröhling <jpkroehling@...>
Hey there,
toggle quoted messageShow quoted text
I'm the "owner" of the Jaeger project in the CII badge program (project #1273) and I'm trying to find a way to give permissions to other maintainers to fill out the forms, but can't find how. Would you be able to help us? Best, Juca.
On 2/13/19 4:15 PM, Yuri Shkuro wrote:
No I didn't see an edit button. It's not urgent. CNCF TOC is discussing whether higher rank badges are required for graduation.On Feb 13, 2019, at 3:35 AM, Juraci Paixão Kröhling <jpkroehling@redhat.com> wrote:
|
|
|
|
Re: "Passed" Badge not updated on CNCF Landscape
Dan Kohn <dan@...>
We're glad to have you on the landscape and with a badge. -- Dan Kohn <dan@...> Executive Director, Cloud Native Computing Foundation https://www.cncf.io +1-415-233-1000 https://www.dankohn.com
On Mon, Dec 10, 2018 at 3:30 PM Lindsay Hill <LHILL@...> wrote:
|
|
|
|
Re: "Passed" Badge not updated on CNCF Landscape
Awesome! Dan, a big thanks to your team for fixing this so quickly.
--- David A. Wheeler
From: Dan Kohn <dan@...>
Sent: Monday, December 10, 2018 1:38 PM To: Wheeler, David A <dwheeler@...> Cc: DZIMINE@...; cii-badges-questions@...; LHILL@... Subject: Re: "Passed" Badge not updated on CNCF Landscape
Thanks for reporting. -- Dan Kohn <dan@...> Executive Director, Cloud Native Computing Foundation https://www.cncf.io +1-415-233-1000 https://www.dankohn.com
On Mon, Dec 10, 2018 at 11:19 AM Dan Kohn <dan@...> wrote:
|
|
|
|
Re: "Passed" Badge not updated on CNCF Landscape
Dan Kohn <dan@...>
Thanks for reporting. -- Dan Kohn <dan@...> Executive Director, Cloud Native Computing Foundation https://www.cncf.io +1-415-233-1000 https://www.dankohn.com
On Mon, Dec 10, 2018 at 11:19 AM Dan Kohn <dan@...> wrote:
|
|
|
|
Re: "Passed" Badge not updated on CNCF Landscape
Dan Kohn <dan@...>
Tracking the issue here: https://github.com/cncf/landscape/issues/1038 -- Dan Kohn <dan@...> Executive Director, Cloud Native Computing Foundation https://www.cncf.io +1-415-233-1000 https://www.dankohn.com
On Mon, Dec 10, 2018 at 10:26 AM Wheeler, David A <dwheeler@...> wrote:
|
|
|
|
Re: "Passed" Badge not updated on CNCF Landscape
Thanks so much for the compliment!
I can confirm that StackStorm shows a passing badge. I think the CNCF landscape dashboard isn’t finding the badge for some reason.
Dan Kohn: Any idea what’s happening?
--- David A. Wheeler
From: Cii-badges-questions@... <Cii-badges-questions@...>
On Behalf Of Dmitri Zimine
Sent: Friday, December 7, 2018 6:43 PM To: cii-badges-questions@... Cc: Lindsay Hill <LHILL@...> Subject: [Cii-badges-questions] "Passed" Badge not updated on CNCF Landscape
Hi all,
First thanks for a great service; now could you please help rationalize one little problem:
StackStorm is part of CNCF Landscape. We went through the CII assessment and passed it (it's mature opensource project with history and strong community...) https://bestpractices.coreinfrastructure.org/en/projects/1833
But in CNCF Landscape the badge still shows as "No CII best practices ". https://landscape.cncf.io/selected=stack-storm
Do we need to do something extra? Or it's a bug?
Thanks for taking a look;
Dmitri
|
|
|
|
"Passed" Badge not updated on CNCF Landscape
Dmitri Zimine <DZIMINE@...>
Hi all,
First thanks for a great service; now could you please help rationalize one little problem:
StackStorm is part of CNCF Landscape. We went through the CII assessment and passed it (it's mature opensource project with history and strong community...) https://bestpractices.coreinfrastructure.org/en/projects/1833
But in CNCF Landscape the badge still shows as "No CII best practices ". https://landscape.cncf.io/selected=stack-storm
Do we need to do something extra? Or it's a bug?
Thanks for taking a look;
Dmitri
|
|
|
|
Re: Changing badge owner?
Yes indeed. It’s a manual process, because it happens rarely (at most a few times a year).
Tell us what project # you want to take over. We’ll email both you & the original project owner. If all seems okay, we switch.
--- David A. Wheeler
From: Cii-badges-questions@... [mailto:Cii-badges-questions@...]
On Behalf Of Justin Cappos
Sent: Friday, October 12, 2018 5:51 PM To: cii-badges-questions@... Subject: [Cii-badges-questions] Changing badge owner?
Is there a way to change a badge's owner? (I was planning to take ownership of the TUF project's badge.)
I looked several places but couldn't see how to do this on the site.
Thanks! Justin
|
|
|
|
Changing badge owner?
Justin Cappos <jcappos@...>
Is there a way to change a badge's owner? (I was planning to take ownership of the TUF project's badge.) I looked several places but couldn't see how to do this on the site. Thanks! Justin
|
|
|
|
Re: Test
Marcus:
Test of non-member postingIt worked! --- David A. Wheeler
|
|
|
| 1 - 20 of 26 |