Websites/Processes/New Website: Difference between revisions

Websites/Processes/New Website (view source)

Revision as of 17:58, 13 April 2011

1,101 bytes added , 13 April 2011

→‎Security Ticket

Malexis

Confirmed users

1,052

edits

@@ Line 187: / Line 187: @@
 * Create a new [https://bugzilla.mozilla.org/enter_bug.cgi?product=mozilla.org&component=Infrastructure Security:%20Web%20Security Bugzilla ticket].
 * Make this bug a dependency for the tracking bug for this website's launch.
-* Assign this bug to the Security contact.
+* [https://wiki.mozilla.org/WebAppSec/Security_Review_Request Security Review Request]
+** copy questions from the above wiki and answer inline in the bugzilla ticket
 Title:
@@ Line 194: / Line 195: @@
 Body:
   <nowiki>
-This is a placeholder for the security review of {Website Name}.
+A quick intro to what this app does.
+Where is the source code located?
+Is there a stage server running that we can also test against? If so, please indicate what machine the web server is running on.
+Where would you like the bugs filed in bugzilla? Please specify the product, component and if anyone specific should be copied on the bugs.
+Please describe if this app will be connecting to any internal or external services or if it is able to interact with the OS.
+Does this app support logins or multiple roles? If so, we'll need test accounts created for each available role.
+What is the worst case scenario that could happen with this system, data or connected systems? (This is used to help understand the criticality of this server.)
+Does this website contain an administration page? If so, have the admin page blockers (listed here) all been addressed?
+This review will be scheduled amongst other requested reviews. What is the urgency or needed completion date of this review?.
 Current site documentation is available at:
-{Wiki Page}
+[https://wiki.mozilla.org/WebAppSec/Security_Review_Request]
 </nowiki>