View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0001134 | Main CAcert Website | source code | public | 2013-01-09 04:00 | 2013-09-24 19:15 |
| Reporter | Werner Dworak | Assigned To | NEOatNHNG | ||
| Priority | normal | Severity | major | Reproducibility | sometimes |
| Status | closed | Resolution | fixed | ||
| Product Version | 2013 Q1 | ||||
| Target Version | 2013 Q2 | Fixed in Version | 2013 Q2 | ||
| Summary | 0001134: Delete the board flag thourougly in all parts of our software | ||||
| Description | The board flag was used for super assurances and other special rights. There seem to be complex interactions with TTP flag and Tverify flag. In the context of the Thawte patch and the access rights review all tverify flags, old TTP flags and board flags have been removed from all accounts. So on the life system this flag has no longer any immediate impact. But the board flag can only be seen and changed by the critical sysadmins, not by the SE console. So it is hard to monitor. On the test system this flag is easy to set. On some tests I have set this flag which led to some strange results. So this flag seems to have some obscure effects hard to comprehend and to follow. This is unacceptable in the view of Audit, so we should scrutinise what exactly the board flag does or did and to thoroughly extirpate every occurrence of this flag from our software. | ||||
| Additional Information | found in www/wot.php | ||||
| Tags | No tags attached. | ||||
| Reviewed by | dastrath, BenBE | ||||
| Test Instructions | |||||
| related to | 0001112 | closed | Main CAcert Website | Exchange the text on the TTP page according to the new TTP programm | |
| related to | 0001054 | needs review & testing | Ted | Main CAcert Website | Review the code regarding the new point calculation in ./includes/general.php |
| related to | 0001038 | closed | Uli60 | Main CAcert Website | Provide a script for board/tverify reset flags by arbitration a20110118.1 |
| related to | 0001003 | closed | NEOatNHNG | Main CAcert Website | Provide a possibility to regularly review the permissions in the system |
| related to | 0000888 | closed | NEOatNHNG | Main CAcert Website | to add new assurance method TTP |
| related to | 0000827 | closed | egal | Main CAcert Website | Tverify points to be deprecated |
| related to | 0001042 | needs review & testing | Eva | Main CAcert Website | Review the code regarding the new point calculation |
| related to | 0000976 | closed | Uli60 | Main CAcert Website | List of update request for webdb database structure upgrade with tables / fields |
| related to | 0000223 | confirmed | Main CAcert Website | Auditor Interface | |
| related to | 0001033 | closed | NEOatNHNG | Main CAcert Website | User can grant more then 35 points |
| related to | 0001023 | needs work | Eva | Main CAcert Website | Consolidate changes into the Assure Someone page |
| related to | 0000893 | closed | INOPIAE | Main CAcert Website | Extend Delete account feature for support |
| related to | 0001074 | closed | Uli60 | Main CAcert Website | Wrong display of method on points page wot.php?id=10 |
| related to | 0000861 | closed | NEOatNHNG | test.cacert.org | set flags - set of flags different to - admin console flags under testserver |
| related to | 0000855 | closed | Uli60 | Main CAcert Website | Fix adding TTP assurance method on testserver (was: admin console lists "empty" and "Unknown" ...) |
| related to | 0000819 | closed | NEOatNHNG | Main CAcert Website | Comparison instead of Assignment |
|
|
pushed fix to https://github.com/INOPIAE/CAcert/commit/10c9513e20bbe8bc4d1ccf39e235e80db96b85c5 |
|
|
I stumbled over strange effects with the board flag during https://bugs.cacert.org/view.php?id=1112#c3545 I re-tested this and the old strange behavior disappeared. So it looks like the board flag no longer creates trouble. There are still some minor inconsistencies, but I assume they are related to bug 1112 or bug 1054. Marcus will care for it. |
|
|
please review. We only have one test as we do not see a good test senceario. |
|
|
Review looks good ... ;-) |
|
|
Reviewed by Dirk last week |
|
|
The fix has been installed on the production server on June 26, 2013. See also: https://lists.cacert.org/wws/arc/cacert-systemlog/2013-06/msg00011.html |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2013-01-09 04:00 | Werner Dworak | New Issue | |
| 2013-01-09 04:03 | Werner Dworak | Relationship added | related to 0001112 |
| 2013-01-09 04:04 | Werner Dworak | Relationship added | related to 0001054 |
| 2013-01-09 04:04 | Werner Dworak | Relationship added | related to 0001038 |
| 2013-01-09 04:05 | Werner Dworak | Relationship added | related to 0001003 |
| 2013-01-09 04:07 | Werner Dworak | Relationship added | related to 0000888 |
| 2013-01-09 04:08 | Werner Dworak | Relationship added | related to 0000827 |
| 2013-01-09 04:10 | Werner Dworak | Relationship added | related to 0001042 |
| 2013-01-09 04:12 | Werner Dworak | Relationship added | related to 0000976 |
| 2013-01-09 04:13 | Werner Dworak | Relationship added | related to 0000223 |
| 2013-01-09 04:18 | Werner Dworak | Relationship added | related to 0001033 |
| 2013-01-09 04:19 | Werner Dworak | Relationship added | related to 0001023 |
| 2013-01-09 04:23 | Werner Dworak | Relationship added | related to 0000893 |
| 2013-01-09 04:26 | Werner Dworak | Relationship added | related to 0001074 |
| 2013-01-09 04:28 | Werner Dworak | Relationship added | related to 0000861 |
| 2013-01-09 04:29 | Werner Dworak | Relationship added | related to 0000855 |
| 2013-01-09 04:31 | Werner Dworak | Relationship added | related to 0000819 |
| 2013-05-01 10:53 | INOPIAE | Additional Information Updated | |
| 2013-05-01 13:11 | INOPIAE | Note Added: 0003961 | |
| 2013-05-01 13:11 | INOPIAE | Assigned To | => BenBE |
| 2013-05-01 13:11 | INOPIAE | Status | new => fix available |
| 2013-05-01 14:18 | BenBE | Reviewed by | => BenBE |
| 2013-05-01 14:18 | BenBE | Status | fix available => needs review & testing |
| 2013-05-01 14:18 | BenBE | Product Version | => 2013 Q1 |
| 2013-05-01 14:18 | BenBE | Target Version | => 2013 Q2 |
| 2013-05-01 14:20 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable 57a7a3de |
| 2013-05-01 14:20 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable 10c9513e |
| 2013-05-01 19:51 | Werner Dworak | Note Added: 0003972 | |
| 2013-05-21 20:48 | INOPIAE | Note Added: 0004012 | |
| 2013-05-21 20:48 | INOPIAE | Assigned To | BenBE => NEOatNHNG |
| 2013-05-21 20:48 | INOPIAE | Status | needs review & testing => needs review |
| 2013-06-04 22:09 | egal | Note Added: 0004043 | |
| 2013-06-11 22:48 | BenBE | Reviewed by | BenBE => dastrath, BenBE |
| 2013-06-11 22:48 | BenBE | Note Added: 0004052 | |
| 2013-06-11 22:48 | BenBE | Status | needs review => ready to deploy |
| 2013-06-25 20:15 | BenBE | Source_changeset_attached | => cacert-devel release ae9db2e0 |
| 2013-06-26 13:42 | wytze | Note Added: 0004080 | |
| 2013-06-26 13:42 | wytze | Status | ready to deploy => solved? |
| 2013-06-26 13:42 | wytze | Fixed in Version | => 2013 Q2 |
| 2013-06-26 13:42 | wytze | Resolution | open => fixed |
| 2013-09-24 19:15 | INOPIAE | Status | solved? => closed |
