View Issue Details

IDProjectCategoryView StatusLast Update
0000175Main CAcert Websitewebsite contentpublic2013-11-20 22:23
ReporterSourcerer Assigned ToSourcerer  
PriorityurgentSeverityfeatureReproducibilityalways
Status closedResolutionfixed 
Fixed in Version2006 
Summary0000175: We need a way to shutdown the website
DescriptionIn case of emergency, we need the possibility to stop the issueing of new certificates, and the issueing of web-of-trust points, to make sure that no bad things can happen.
On the other hand, revocation services need to continue being operated properly.
Additional InformationI created a patch that does the job. It adds a new shutdown.php, which is called from all affected places, which has a single switch to shutdown the functions. Change the if(0) to if(1), and the functions are offline.

At the moment, I added the shutdown include on all entry points of the web-based functions.
The API is NOT affected yet. If we want to shut that down too, those functions have to be added.
Also the operation parts are NOT affected yet. So it is still possible to circumvent the patch, if someone knows how to do it.
TagsNo tags attached.
Reviewed by
Test Instructions

Relationships

related to 0000066 closedSourcerer Notice of system outage due to intrusion detection 

Activities

2006-03-20 08:24

 

shutdown.tgz (501 bytes)

evaldo

2006-03-22 09:02

developer   ~0000112

Maybe we need to shut down logins too? in event somebody discovers how to log in and revoke everybody's certs ;) better safe than sorry...

duane

2006-08-16 10:00

developer   ~0000518

Patch/suggestions applied

Issue History

Date Modified Username Field Change
2006-03-20 08:24 Sourcerer New Issue
2006-03-20 08:24 Sourcerer File Added: shutdown.tgz
2006-03-22 09:02 evaldo Note Added: 0000112
2006-03-22 09:02 evaldo Status new => confirmed
2006-03-22 09:04 evaldo Relationship added related to 0000066
2006-08-16 10:00 duane Status confirmed => needs work
2006-08-16 10:00 duane Assigned To => Sourcerer
2006-08-16 10:00 duane Status needs work => solved?
2006-08-16 10:00 duane Fixed in Version => production
2006-08-16 10:00 duane Resolution open => fixed
2006-08-16 10:00 duane Note Added: 0000518
2007-10-24 06:09 evaldo Status solved? => closed
2013-01-14 02:42 Werner Dworak Fixed in Version => 2006
2013-11-20 22:23 NEOatNHNG View Status private => public