Securing our transifex instance

Dimitris Glezos dimitris at glezos.com
Wed Aug 29 03:03:08 UTC 2007


Hi all.

It's time to add some non-localhost repos to our transifex instance, so
some advice on the security front would be greatly appreciated.

We're doing everything over SSH, with encrypted keys. Before starting
the TG app, the admin needs to run ssh-agent and ssh-add. The goal would
be to have a different service actually handling the keys and the
commits, but that would have to wait for someone to submit the patchset.

With each repository (host) having its own key pair, `~/.ssh/config`
right now looks like this:

        Host localhost
         User transifex-testuser
         IdentityFile ~/.ssh/id_dsa
        
        #Host cvs.fedoraproject.org
        # User transifex
        # IdentityFile ~/.ssh/id_dsa-cvsfpo
        
        Host repo.or.cz
         User yumex-trans
         IdentityFile ~/.ssh/id_dsa-yumex
        
        Host *
         ForwardX11 no
         ForwardAgent no
         RhostsAuthentication no
         RhostsRSAAuthentication no
         PasswordAuthentication no
         StrictHostKeyChecking yes
         BatchMode yes
         CheckHostIP yes

On the web front, I tried my best to validate properly any input/output
from/to the user. Since transifex accepts user input, writes files on
our server, runs OS commands on the server, uses SSH keys to communicate
with other machines and writes to disks across the Internet, we'd better
make sure everything is OK before launching.

It would be great if some of you Python hackers take a look at the code,
or anyone with the hobby of defacing websites run any injection/XSS-foo
on our instance, in order to identify any additional checks or
reveal any mistakes I made (which I'm sure I did since it's my first big
python and TG app).

Our test instance dwells at 

  http://publictest5.fedora.redhat.com/submit/

Short instructions to get the code and install a local instance to play
around freely and with less lag can be found at:

  https://hosted.fedoraproject.org/projects/transifex/browser/INSTALL

Bugs, reports, suggestions:

  https://hosted.fedoraproject.org/projects/transifex/newticket


Thanks.

-d



-- 
Dimitris Glezos
Jabber ID: glezos at jabber.org, GPG: 0xA5A04C3B
http://dimitris.glezos.com/


"He who gives up functionality for ease of use
loses both and deserves neither." (Anonymous)
--
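
One way to check the per-host key layout described in the message, as an added example that is not part of the original post or of transifex: it resolves the effective options for each named host using ssh's first-value-wins rule and reports any override of the `Host *` defaults or any key shared between hosts. The sample config is constructed, the `REQUIRED` policy is an assumption, and `IdentityFile` is treated as single-valued for simplicity.

```python
from collections import defaultdict
from fnmatch import fnmatchcase

# Constructed sample modelled on the config quoted in the message.
SAMPLE = """\
Host localhost
 IdentityFile ~/.ssh/id_dsa
Host repo.or.cz
 IdentityFile ~/.ssh/id_dsa-yumex
Host *
 ForwardAgent no
 StrictHostKeyChecking yes
 BatchMode yes
"""

# Assumed policy: a subset of what the message sets under "Host *".
REQUIRED = {"forwardagent": "no", "stricthostkeychecking": "yes", "batchmode": "yes"}

def parse(text):
    # Returns [(host_patterns, [(keyword, value), ...])] in file order.
    blocks = []
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if len(parts) == 2 and parts[0].lower() == "host":
            blocks.append((parts[1].split(), []))
        elif len(parts) == 2 and blocks and not parts[0].startswith("#"):
            blocks[-1][1].append((parts[0].lower(), parts[1].strip()))
    return blocks

def effective(blocks, host):
    # ssh uses the first value obtained for each option, so an earlier
    # per-host block overrides the "Host *" defaults at the end of the file.
    opts = {}
    for patterns, settings in blocks:
        if any(fnmatchcase(host, p) for p in patterns):
            for key, value in settings:
                opts.setdefault(key, value)
    return opts

def audit(text):
    blocks, findings, key_users = parse(text), [], defaultdict(list)
    for host in (p for pats, _ in blocks for p in pats if not set(p) & set("*?!")):
        opts = effective(blocks, host)
        key_users[opts.get("identityfile", "<none>")].append(host)
        findings += [f"{host}: {k} is {opts.get(k)!r}, expected {v!r}"
                     for k, v in REQUIRED.items() if opts.get(k) != v]
    findings += [f"key {key} shared by {', '.join(hs)}"
                 for key, hs in key_users.items() if len(hs) > 1]
    return findings
```

`audit(SAMPLE)` returns an empty list; a host block that sets `ForwardAgent yes` or reuses another host's key produces one finding each.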



