
Lock down some config options

Summary:
This is just a general review of config options, to reduce the amount of damage a rogue administrator (without host access) can do. In particular:

- Fix some typos.
- Lock down some options which would potentially let a rogue administrator do something sketchy.
- Most of the new locks relate to having them register a new service account, then redirect services to their account. This potentially allows them to read email.
- Lock down some general disk stuff, which could be troublesome in combination with other vulnerabilities.

Test Plan:
- Read through config options.
- Tried to think about how to do evil things with each one.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8928

+42 -16
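--- a/src/applications/config/option/PhabricatorAWSConfigOptions.php
+++ b/src/applications/config/option/PhabricatorAWSConfigOptions.php
@@ -14,16 +14,19 @@
 public function getOptions() {
 return array(
 $this->newOption('amazon-ses.access-key', 'string', null)
+->setLocked(true)
 ->setDescription(pht('Access key for Amazon SES.')),
 $this->newOption('amazon-ses.secret-key', 'string', null)
 ->setMasked(true)
 ->setDescription(pht('Secret key for Amazon SES.')),
 $this->newOption('amazon-s3.access-key', 'string', null)
+->setLocked(true)
 ->setDescription(pht('Access key for Amazon S3.')),
 $this->newOption('amazon-s3.secret-key', 'string', null)
 ->setMasked(true)
 ->setDescription(pht('Secret key for Amazon S3.')),
 $this->newOption('amazon-s3.endpoint', 'string', null)
+->setLocked(true)
 ->setDescription(
 pht(
 'Explicit S3 endpoint to use. Leave empty to have Phabricator '.
@@ -31,6 +34,7 @@
 ->addExample(null, 'Use default endpoint')
 ->addExample('s3.amazon.com', 'Use specific endpoint'),
 $this->newOption('amazon-ec2.access-key', 'string', null)
+->setLocked(true)
 ->setDescription(pht('Access key for Amazon EC2.')),
 $this->newOption('amazon-ec2.secret-key', 'string', null)
 ->setMasked(true)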
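Review bot: The three secret keys in this hunk (`amazon-ses.secret-key`, `amazon-s3.secret-key`, `amazon-ec2.secret-key`) keep only `->setMasked(true)` while their paired access keys and the endpoint gain `->setLocked(true)`; unless masking also refuses web edits (nothing in this hunk shows that), a web administrator can still overwrite a secret key, which at the least breaks outbound mail and S3 storage and leaves half of each credential pair editable. The same commit locks `security.hmac-key` in PhabricatorSecurityConfigOptions.php with both calls, so pairing them here would be consistent: `->setMasked(true)` followed by `->setLocked(true)` on each secret-key option. The identical gap is left on `mailgun.api-key`, `phpmailer.smtp-password` and `sendgrid.api-key` in the other files of this commit. getOptions() continues past the end of the second hunk.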
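--- a/src/applications/config/option/PhabricatorCoreConfigOptions.php
+++ b/src/applications/config/option/PhabricatorCoreConfigOptions.php
@@ -92,6 +92,9 @@
 pht('Install Beta Applications'),
 pht('Uninstall Beta Applications')
 ))
+->setSummary(
+pht(
+'Install applications which are still under development.'))
 ->setDescription(
 pht(
 "Phabricator includes 'Beta' applications which are in an early ".
@@ -109,7 +112,7 @@
 pht('Shenanigans'), // That should be interesting to translate. :P
 ))
 ->setSummary(
-pht("Should Phabricator be serious?"))
+pht("Allows you to remove levity and jokes from the UI."))
 ->setDescription(
 pht(
 'By default, Phabricator includes some flavor text in the UI, '.
@@ -135,6 +138,7 @@
 "The current value of PATH after configuration is applied is:\n\n".
 " lang=text\n".
 " %s", $path))
+->setLocked(true)
 ->addExample('/usr/local/bin', pht('Add One Path'))
 ->addExample("/usr/bin\n/usr/local/bin", pht('Add Multiple Paths')),
 $this->newOption('config.lock', 'set', array())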
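--- a/src/applications/config/option/PhabricatorExtendingPhabricatorConfigOptions.php
+++ b/src/applications/config/option/PhabricatorExtendingPhabricatorConfigOptions.php
@@ -32,6 +32,7 @@
 'aphront.default-application-configuration-class',
 'class',
 'AphrontDefaultApplicationConfiguration')
+->setLocked(true)
 ->setBaseClass('AphrontApplicationConfiguration')
 // TODO: This could probably use some better documentation.
 ->setDescription(pht("Application configuration class.")),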
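--- a/src/applications/config/option/PhabricatorMailgunConfigOptions.php
+++ b/src/applications/config/option/PhabricatorMailgunConfigOptions.php
@@ -13,14 +13,15 @@
 
 public function getOptions() {
 return array(
-$this->newOption('mailgun.api-key', 'string', null)
-->setMasked(true)
-->setDescription(pht('Mailgun API key.')),
 $this->newOption('mailgun.domain', 'string', null)
+->setLocked(true)
 ->setDescription(
 pht(
 'Mailgun domain name. See https://mailgun.com/cp/domains'))
 ->addExample('mycompany.com', 'Use specific domain'),
+$this->newOption('mailgun.api-key', 'string', null)
+->setMasked(true)
+->setDescription(pht('Mailgun API key.')),
 );
 
 }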
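--- a/src/applications/config/option/PhabricatorPHDConfigOptions.php
+++ b/src/applications/config/option/PhabricatorPHDConfigOptions.php
@@ -42,6 +42,7 @@
 "mode with 'phd debug' are always launched in verbose mode. See ".
 "also 'phd.trace'.")),
 $this->newOption('phd.user', 'string', null)
+->setLocked(true)
 ->setSummary(pht("System user to run daemons as."))
 ->setDescription(
 pht(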
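--- a/src/applications/config/option/PhabricatorPHPMailerConfigOptions.php
+++ b/src/applications/config/option/PhabricatorPHPMailerConfigOptions.php
@@ -14,6 +14,7 @@
 public function getOptions() {
 return array(
 $this->newOption('phpmailer.mailer', 'string', 'smtp')
+->setLocked(true)
 ->setSummary(pht("Configure mailer used by PHPMailer."))
 ->setDescription(
 pht(
@@ -23,11 +24,14 @@
 "You need it when you want to use SMTP instead of sendmail as the ".
 "mailer.")),
 $this->newOption('phpmailer.smtp-host', 'string', null)
+->setLocked(true)
 ->setDescription(pht('Host for SMTP.')),
 $this->newOption('phpmailer.smtp-port', 'int', 25)
+->setLocked(true)
 ->setDescription(pht('Port for SMTP.')),
 // TODO: Implement "enum"? Valid values are empty, 'tls', or 'ssl'.
 $this->newOption('phpmailer.smtp-protocol', 'string', null)
+->setLocked(true)
 ->setSummary(pht('Configure TLS or SSL for SMTP.'))
 ->setDescription(
 pht(
@@ -35,6 +39,7 @@
 "'ssl' to use TLS or SSL, respectively. Leave it blank for ".
 "vanilla SMTP. If you're sending via Gmail, set it to 'ssl'.")),
 $this->newOption('phpmailer.smtp-user', 'string', null)
+->setLocked(true)
 ->setDescription(pht('Username for SMTP.')),
 $this->newOption('phpmailer.smtp-password', 'string', null)
 ->setMasked(true)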
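--- a/src/applications/config/option/PhabricatorSecurityConfigOptions.php
+++ b/src/applications/config/option/PhabricatorSecurityConfigOptions.php
@@ -16,6 +16,7 @@
 
 return array(
 $this->newOption('security.alternate-file-domain', 'string', null)
+->setLocked(true)
 ->setSummary(pht("Alternate domain to serve files from."))
 ->setDescription(
 pht(
@@ -43,6 +44,7 @@
 'string',
 '[D\t~Y7eNmnQGJ;rnH6aF;m2!vJ8@v8C=Cs:aQS\.Qw')
 ->setMasked(true)
+->setLocked(true)
 ->setSummary(
 pht("Key for HMAC digests."))
 ->setDescription(
@@ -85,6 +87,7 @@
 'string',
 '0b7ec0592e0a2829d8b71df2fa269b2c6172eca3')
 ->setMasked(true)
+->setLocked(true)
 ->setSummary(
 pht("Hashed with other inputs to generate CSRF tokens."))
 ->setDescription(
@@ -100,6 +103,7 @@
 'string',
 '5ce3e7e8787f6e40dfae861da315a5cdf1018f12')
 ->setMasked(true)
+->setLocked(true)
 ->setSummary(
 pht("Hashed with other inputs to generate mail tokens."))
 ->setDescription(
@@ -191,17 +195,18 @@
 "referrers to YouTube) and is pretty silly (but sort of ".
 "awesome).")),
 $this->newOption('security.allow-outbound-http', 'bool', true)
-->setBoolOptions(
-array(
-pht("Allow"),
-pht("Disallow"),
-))
-->setSummary(
-pht("Allow outbound HTTP requests"))
-->setDescription(
-pht(
-"If you enable this, you are allowing Phabricator to potentially ".
-"make requests to external servers.")),
+->setBoolOptions(
+array(
+pht("Allow"),
+pht("Disallow"),
+))
+->setLocked(true)
+->setSummary(
+pht("Allow outbound HTTP requests"))
+->setDescription(
+pht(
+"If you enable this, you are allowing Phabricator to ".
+"potentially make requests to external servers.")),
 );
 }
 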
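Review bot: The locks added to `security.hmac-key`, `security.csrf-key` and `security.mail-key` stop a web administrator from swapping in a key they know, but the defaults visible in the same hunks are fixed strings in the source tree, so an install that never overrides them is protected by the lock only against changes, not against the default being public knowledge. Unless a setup check elsewhere already warns about the defaults (not visible here), the descriptions should say so, e.g. appending to each of the three descriptions `'The default value is part of the public source; set a unique value on every install.'`. The description text for each option continues outside its hunk, so the exact insertion point is not visible.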
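--- a/src/applications/config/option/PhabricatorSendGridConfigOptions.php
+++ b/src/applications/config/option/PhabricatorSendGridConfigOptions.php
@@ -14,6 +14,7 @@
 public function getOptions() {
 return array(
 $this->newOption('sendgrid.api-user', 'string', null)
+->setLocked(true)
 ->setDescription(pht('SendGrid API username.')),
 $this->newOption('sendgrid.api-key', 'string', null)
 ->setMasked(true)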
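--- a/src/applications/files/config/PhabricatorFilesConfigOptions.php
+++ b/src/applications/files/config/PhabricatorFilesConfigOptions.php
@@ -118,6 +118,7 @@
 'Configure the largest file which will be put into the MySQL '.
 'storage engine.')),
 $this->newOption('storage.local-disk.path', 'string', null)
+->setLocked(true)
 ->setSummary(pht('Local storage disk path.'))
 ->setDescription(
 pht(
@@ -190,7 +191,7 @@
 pht('Disable')
 ))->setDescription(
 pht("This option will enable animated gif images".
-"to be set as profile pictures. The \'convert\' binary ".
+"to be set as profile pictures. The 'convert' binary ".
 "should be available to the webserver for this to work")),
 
 );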
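Review bot: The second hunk fixes the stray backslashes around 'convert' but leaves the concatenation on the line above it, `pht("This option will enable animated gif images".`, without a trailing space, so the rendered description reads "imagesto be set as profile pictures". Since the adjacent line is being rewritten anyway, the fix is one character: `pht("This option will enable animated gif images ".`. The last string fragment also ends without a period, unlike the other descriptions in this file, e.g. `"should be available to the webserver for this to work.")),`.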
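--- a/src/applications/phame/config/PhabricatorPhameConfigOptions.php
+++ b/src/applications/phame/config/PhabricatorPhameConfigOptions.php
@@ -19,6 +19,7 @@
 array(
 'externals/skins/',
 ))
+->setLocked(true)
 ->setDescription(
 pht('List of directories where Phame will look for skins.')),
 );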
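--- a/src/applications/phortune/option/PhabricatorPhortuneConfigOptions.php
+++ b/src/applications/phortune/option/PhabricatorPhortuneConfigOptions.php
@@ -61,6 +61,7 @@
 ->setHidden(true)
 ->setDescription(pht('WePay access token.')),
 $this->newOption('phortune.wepay.account-id', 'string', null)
+->setLocked(true)
 ->setHidden(true)
 ->setDescription(pht('WePay account ID.')),
 );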
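--- a/src/applications/repository/PhabricatorRepositoryConfigOptions.php
+++ b/src/applications/repository/PhabricatorRepositoryConfigOptions.php
@@ -17,6 +17,7 @@
 public function getOptions() {
 return array(
 $this->newOption('repository.default-local-path', 'string', '/var/repo/')
+->setLocked(true)
 ->setSummary(
 pht("Default location to store local copies of repositories."))
 ->setDescription(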