Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create a Secure Mode that removes some features from Piwik to increase security #6348

Open
mattab opened this issue Sep 30, 2014 · 0 comments
Open

Create a Secure Mode that removes some features from Piwik to increase security #6348

mattab opened this issue Sep 30, 2014 · 0 comments
Labels
c: Platform For Matomo platform changes that aren't impacting any of our APIs but improve the core itself. c: Security For issues that make Matomo more secure. Please report issues through HackerOne and not in Github. Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc.
Milestone
Backlog (Help wan...

Comments

@mattab
Copy link
Member

mattab commented Sep 30, 2014

A Super User has a lot of power and with it comes a lot of responsibility. The goal of this issue is to create a new config setting eg. secure_mode that is disabled by default. When enabled it will limit some of the powers of Super Users.

In particular it will prevent:

Possibly there are other insecure items that a Super User could do that we want to limit in the secure mode?
@mattab mattab added Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc. c: Security For issues that make Matomo more secure. Please report issues through HackerOne and not in Github. c: Platform For Matomo platform changes that aren't impacting any of our APIs but improve the core itself. labels Sep 30, 2014
@mattab mattab added this to the Mid term milestone Sep 30, 2014
@mattab mattab changed the title Create a Secure Mode for Piwik to lockin Piwik Create a Secure Mode that removs some features from Piwik to increase security Sep 30, 2014
@mattab mattab changed the title Create a Secure Mode that removs some features from Piwik to increase security Create a Secure Mode that removes some features from Piwik to increase security Sep 30, 2014
@mattab mattab mentioned this issue Sep 30, 2014
Closed
@gaumondp gaumondp mentioned this issue Sep 30, 2014
Closed
@Joey3000 Joey3000 mentioned this issue Sep 18, 2015
Closed
@mattab mattab modified the milestones: Long term, Mid term Dec 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
c: Platform For Matomo platform changes that aren't impacting any of our APIs but improve the core itself. c: Security For issues that make Matomo more secure. Please report issues through HackerOne and not in Github. Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc.
Projects
None yet
Milestone
Backlog (Help wanted)
Development

No branches or pull requests
1 participant
@mattab