Confirmed users
529
edits
Security/Reviews/Nucleus: Difference between revisions
Jump to navigation
Jump to search
→Threats
No edit summary |
|||
| Line 20: | Line 20: | ||
=Threats= | =Threats= | ||
** PR risk: if someone gains access and publish bogus content | ** PR risk: if someone gains access and publish bogus content | ||
== Privacy: 1 == | |||
For now only public data, non-critical, will be handled. | For now only public data, non-critical, will be handled. | ||
NOT SUITABLE CONFIDENTIAL DATA. Data awaiting publication might be critical (security advisories). only public data once published. | NOT SUITABLE CONFIDENTIAL DATA. Data awaiting publication might be critical (security advisories). only public data once published. | ||
== Availability: 2 == | |||
48 hours restart time is sufficient | 48 hours restart time is sufficient | ||
== Recovery: 2 == | |||
Nucleus would be replicated to Bedrock frequently. | Nucleus would be replicated to Bedrock frequently. | ||
* Note: there isn't a direct bedrock to nucleus recovery path AFAIK | * Note: there isn't a direct bedrock to nucleus recovery path AFAIK | ||
User's ACLs needs to be backed up. Weekly is acceptable. | User's ACLs needs to be backed up. Weekly is acceptable. | ||
== Audit: 2 == | |||
creation, modify time, login name. no need to log the detail of changes on a publication. | creation, modify time, login name. no need to log the detail of changes on a publication. | ||
=Action items= | =Action items= | ||
* jgmize/cturra talk about how to get to web logs | * jgmize/cturra talk about how to get to web logs | ||