Custom Query (23 matches)

Filters
 
Or
 
  
 
Columns

Show under each result:


Ticket Summary Keywords Status Owner Type Priority
#615 Can JavaScript loaded from Tahoe access all your content which is loaded from Tahoe? newcaps confidentiality integrity preservation capleak gsoc websec assigned davidsarah defect critical
#127 Cap URLs leaked via HTTP Referer header confidentiality integrity preservation capleak research websec assigned davidsarah defect major
#366 address Nathan Wilcox's concerns about "Tahoe and the browser security model" security capleak docs websec assigned blaisep defect major
#821 A script in a file viewed through the WUI can obtain the file's read cap newcaps newurls confidentiality capleak websec assigned davidsarah defect major
#827 Put file download links ('?save=true') in WUI directory listings security usability capleak docs download easy assigned davidsarah defect major
#922 The URL of the info page for an unknown dirnode should not grant authority to the containing directory capleak integrity confidentiality newurls assigned davidsarah defect major
#954 revocable write authority integrity capleak forward-compatibility newcaps revocation research new enhancement major
#995 It's way too easy to give away write directory caps wui jsui usability confidentiality capleak websec new nobody defect major
#997 The webapi/WUI should have https enabled by default confidentiality wui webapi capleak new nobody defect major
#1234 UnrecoverableFileError message should say which file it refers to error usability capleak assigned davidsarah defect major
#1254 eliminate use of urllib.urlopen in check_load security capleak assigned davidsarah defect major
#1649 WUI: the error message page for a writeable file/directory nonobviously includes the write cap usability security capleak websec assigned davidsarah defect major
#1798 Segregate gateway HTTP ports: one for raw bytes and one for generated WUI pages wui same-origin security capleak new freddyb defect major
#1859 Proof-of-concept attack: Upload and execute attacker controlled js from any domain. security javascript same-origin capleak websec new davidsarah defect major
#2090 Don't expose URIs after failed CLI commands easy security capleak error cli new daira defect major
#1415 WUI is more useful than CLI security privacy capleak integrity confidentiality new defect normal
#1535 Allow restricting Tahoe-LAFS gateway to one user by supporting Unix sockets wui cli socket unix security confidentiality integrity capleak new enhancement normal
#1890 submit proposal for restrict-referrer-leakage to the CSP standardizers and implementors referer referrer standards capleak research assigned davidsarah task normal
#1989 foolscap: "an inbound callRemote ... failed" log entries include all arguments memory confidentiality capleak logging foolscap new warner defect normal
#2100 passphrase-encrypt the aliases file aliases security capleak usability new daira enhancement normal
#2331 don't display capabilities without user explicitly asking for it security capleak assigned daira defect normal
#2720 format_http_error leaks the URI security capleak new daira defect normal
#907 Stop caps from leaking to phishing-filter servers capleak integrity confidentiality forward-compatibility newurls docs websec assigned davidsarah defect minor
Note: See TracQuery for help on using queries.