View Issue Details

IDProjectCategoryView StatusLast Update
0001134Main CAcert Websitesource codepublic2013-09-24 19:15
ReporterWerner Dworak Assigned ToNEOatNHNG  
PrioritynormalSeveritymajorReproducibilitysometimes
Status closedResolutionfixed 
Product Version2013 Q1 
Target Version2013 Q2Fixed in Version2013 Q2 
Summary0001134: Delete the board flag thourougly in all parts of our software
DescriptionThe board flag was used for super assurances and other special rights. There seem to be complex interactions with TTP flag and Tverify flag.

In the context of the Thawte patch and the access rights review all tverify flags, old TTP flags and board flags have been removed from all accounts. So on the life system this flag has no longer any immediate impact.

But the board flag can only be seen and changed by the critical sysadmins, not by the SE console. So it is hard to monitor.

On the test system this flag is easy to set. On some tests I have set this flag which led to some strange results. So this flag seems to have some obscure effects hard to comprehend and to follow.

This is unacceptable in the view of Audit, so we should scrutinise what exactly the board flag does or did and to thoroughly extirpate every occurrence of this flag from our software.
Additional Informationfound in www/wot.php
TagsNo tags attached.
Reviewed bydastrath, BenBE
Test Instructions

Relationships

related to 0001112 closed Main CAcert Website Exchange the text on the TTP page according to the new TTP programm 
related to 0001054 needs review & testingTed Main CAcert Website Review the code regarding the new point calculation in ./includes/general.php 
related to 0001038 closedUli60 Main CAcert Website Provide a script for board/tverify reset flags by arbitration a20110118.1 
related to 0001003 closedNEOatNHNG Main CAcert Website Provide a possibility to regularly review the permissions in the system 
related to 0000888 closedNEOatNHNG Main CAcert Website to add new assurance method TTP 
related to 0000827 closedegal Main CAcert Website Tverify points to be deprecated 
related to 0001042 needs review & testingEva Main CAcert Website Review the code regarding the new point calculation  
related to 0000976 closedUli60 Main CAcert Website List of update request for webdb database structure upgrade with tables / fields 
related to 0000223 confirmed Main CAcert Website Auditor Interface 
related to 0001033 closedNEOatNHNG Main CAcert Website User can grant more then 35 points 
related to 0001023 needs workEva Main CAcert Website Consolidate changes into the Assure Someone page 
related to 0000893 closedINOPIAE Main CAcert Website Extend Delete account feature for support 
related to 0001074 closedUli60 Main CAcert Website Wrong display of method on points page wot.php?id=10 
related to 0000861 closedNEOatNHNG test.cacert.org set flags - set of flags different to - admin console flags under testserver 
related to 0000855 closedUli60 Main CAcert Website Fix adding TTP assurance method on testserver (was: admin console lists "empty" and "Unknown" ...) 
related to 0000819 closedNEOatNHNG Main CAcert Website Comparison instead of Assignment 

Activities

INOPIAE

2013-05-01 13:11

updater   ~0003961

pushed fix to https://github.com/INOPIAE/CAcert/commit/10c9513e20bbe8bc4d1ccf39e235e80db96b85c5

Werner Dworak

2013-05-01 19:51

updater   ~0003972

I stumbled over strange effects with the board flag during
https://bugs.cacert.org/view.php?id=1112#c3545
I re-tested this and the old strange behavior disappeared. So it looks like the board flag no longer creates trouble.

There are still some minor inconsistencies, but I assume they are related to bug 1112 or bug 1054. Marcus will care for it.

INOPIAE

2013-05-21 20:48

updater   ~0004012

please review. We only have one test as we do not see a good test senceario.

egal

2013-06-04 22:09

administrator   ~0004043

Review looks good ... ;-)

BenBE

2013-06-11 22:48

updater   ~0004052

Reviewed by Dirk last week

wytze

2013-06-26 13:42

developer   ~0004080

The fix has been installed on the production server on June 26, 2013. See also:
https://lists.cacert.org/wws/arc/cacert-systemlog/2013-06/msg00011.html

Issue History

Date Modified Username Field Change
2013-01-09 04:00 Werner Dworak New Issue
2013-01-09 04:03 Werner Dworak Relationship added related to 0001112
2013-01-09 04:04 Werner Dworak Relationship added related to 0001054
2013-01-09 04:04 Werner Dworak Relationship added related to 0001038
2013-01-09 04:05 Werner Dworak Relationship added related to 0001003
2013-01-09 04:07 Werner Dworak Relationship added related to 0000888
2013-01-09 04:08 Werner Dworak Relationship added related to 0000827
2013-01-09 04:10 Werner Dworak Relationship added related to 0001042
2013-01-09 04:12 Werner Dworak Relationship added related to 0000976
2013-01-09 04:13 Werner Dworak Relationship added related to 0000223
2013-01-09 04:18 Werner Dworak Relationship added related to 0001033
2013-01-09 04:19 Werner Dworak Relationship added related to 0001023
2013-01-09 04:23 Werner Dworak Relationship added related to 0000893
2013-01-09 04:26 Werner Dworak Relationship added related to 0001074
2013-01-09 04:28 Werner Dworak Relationship added related to 0000861
2013-01-09 04:29 Werner Dworak Relationship added related to 0000855
2013-01-09 04:31 Werner Dworak Relationship added related to 0000819
2013-05-01 10:53 INOPIAE Additional Information Updated View Revisions
2013-05-01 13:11 INOPIAE Note Added: 0003961
2013-05-01 13:11 INOPIAE Assigned To => BenBE
2013-05-01 13:11 INOPIAE Status new => fix available
2013-05-01 14:18 BenBE Reviewed by => BenBE
2013-05-01 14:18 BenBE Status fix available => needs review & testing
2013-05-01 14:18 BenBE Product Version => 2013 Q1
2013-05-01 14:18 BenBE Target Version => 2013 Q2
2013-05-01 14:20 BenBE Source_changeset_attached => cacert-devel testserver-stable 57a7a3de
2013-05-01 14:20 INOPIAE Source_changeset_attached => cacert-devel testserver-stable 10c9513e
2013-05-01 19:51 Werner Dworak Note Added: 0003972
2013-05-21 20:48 INOPIAE Note Added: 0004012
2013-05-21 20:48 INOPIAE Assigned To BenBE => NEOatNHNG
2013-05-21 20:48 INOPIAE Status needs review & testing => needs review
2013-06-04 22:09 egal Note Added: 0004043
2013-06-11 22:48 BenBE Reviewed by BenBE => dastrath, BenBE
2013-06-11 22:48 BenBE Note Added: 0004052
2013-06-11 22:48 BenBE Status needs review => ready to deploy
2013-06-25 20:15 BenBE Source_changeset_attached => cacert-devel release ae9db2e0
2013-06-26 13:42 wytze Note Added: 0004080
2013-06-26 13:42 wytze Status ready to deploy => solved?
2013-06-26 13:42 wytze Fixed in Version => 2013 Q2
2013-06-26 13:42 wytze Resolution open => fixed
2013-09-24 19:15 INOPIAE Status solved? => closed