- Issue created by @poker10
- πΈπ°Slovakia poker10
Given the security perspective, I think this is a better title.
- πΊπΈUnited States phenaproxima Massachusetts
A concerted effort was made to minimize the number of questions asked by the installer. If weβre gonna do this, it needs to be signed off on by the UX team.
Assigning to @ckrina to weigh in.
- πͺπΈSpain ckrina Barcelona
When WASM was the main testing tool, we decided we'd remove the step to set the user email and password to reduce the number of screens, as Adam says. But since that won't be the testing tool and there might be other reasons to ask for the email, I doubt we'll skip this step in the foreseeable future. Assigning to @pameela to validate this issue can be closed.
- πΊπΈUnited States phenaproxima Massachusetts
This blocks #3491190-7: [PP-1] Style installer with updated designs β , which it itself a stable blocker. Therefore, this is now a critical stable blocker. Assigning to myself to work on it, since collecting credentials when the system is not installed has security implications.
- π¦πΊAustralia rikki_iki Melbourne
phenaproxima β credited rikki_iki β .
- πΊπΈUnited States phenaproxima Massachusetts
This took some fairly heavy refactoring in the installer but it works, using the form copied from π Style installer with updated designs. Active (adding credit for that).
I would like this reviewed from a security perspective -- it stores the provided email and password in cleartext in a temporary file, which is the only place I could think of to store persistent data in the early (pre-database) installer. The only other option I'm aware of is the URL, which is natively supported by the core install system, but also a total non-starter for obvious reasons.
The file is:
- Outside the web root
- Deleted at the end of the installation (if it can't be deleted, it throws an exception and explicitly calls it out as a security risk)
I'll probably have to adjust the tests a bit but this is ready for review. I'm sending it directly to @tim.plunkett since this involves persisting sensitive data to a place where it could potentially be seen by unexpected eyes.
- πΊπΈUnited States phenaproxima Massachusetts
phenaproxima β changed the visibility of the branch 3489375-installer-credentials to hidden.
- Merge request !262Use key-value to store the password temporarily β (Merged) created by phenaproxima
- πΊπΈUnited States phenaproxima Massachusetts
After all that, it turns out that a little task juggling and a form alter hook will satisfy all comers. This is no longer iffy from a security perspective; it's rock solid. Assigning to Pam for a quick manual test.
- πΊπΈUnited States phenaproxima Massachusetts
Great. Self-assigning to deal with legitimate test failures, then I'll merge it.
-
phenaproxima β
committed 29b8e4f4 on 0.x
Issue #3489375 by phenaproxima, rikki_iki: Allow and require to set...
-
phenaproxima β
committed 29b8e4f4 on 0.x
- πΊπΈUnited States phenaproxima Massachusetts
OK, I think that gives us a big leg up towards getting π Style installer with updated designs. Active done. Merged into 0.x!
- πΊπΈUnited States phenaproxima Massachusetts
Crediting @poker10 for reporting this.
Automatically closed - issue fixed for 2 weeks with no activity.
