[sakai2-tcc] Anti-Samy and Sakai CLE 2.9.2

Thu Mar 28 09:19:37 PDT 2013

AntiSamy is the right way forward and a huge security upgrade resolving all
sorts of XSS attacks that we have conceived of (KNL-1009) and haven't
conceived of (lots).

My preference:

a) Work on all open tickets regarding easier AntiSamy configuration are
finished by Tuesday.

b) All regression tests pass QA.

Then make AntiSamy default enabled in 2.9.2.

If A and B are not solved quickly, don't hold up the release, but merge
AntiSamy in and turn it off by default so 2.9.2 would still use our old
(bad) FormattedText by default.

Sakai institutions that don't want the security upgrade and want the old
FormattedText can easily switch AntiSamy off.  Longsight plans on using
AntiSamy with all of our 2.9 upgrades and installations once we have the
ability to easily swap out policy files ([a] above).

--Sam

On Thu, Mar 28, 2013 at 11:52 AM, Neal Caidin <
nealcaidin at sakaifoundation.org> wrote:

> Hi TCC,
>
> This is not a proposal, but asking for input on
>
> https://jira.sakaiproject.org/browse/KNL-1015 - Replace custom stuff in
> formattedtext with Antisamy processing
>
> CLE team had some discussion this morning. I heard very strong support for
> this change overall but also a few concerns (which may have been addressed,
> I did not fully follow).
>
> So the questions are, I think (others can correct me if I misspeak):
>
> 1) Should KNL-1015 become part of the 2.9.x maintenance release at some
> point?
>
> 2) Assuming the question to #1 is a yes (but good to get that
> confirmation), what would be the best way to roll it out?  Factors might
> include, but not be limited to:  quality of release, risk assessment to
> schools (and consider from viewpoint of schools with average administrative
> capability), security (KNL-1015 address a couple of "blocker" level
> security issues which have been around since at least 2.9.0 but maybe
> before), and timing (when schools upgrade to 2.9 are they going to easily
> be able to take advantage of this change?).
>
> Here are some options which were discussed:
>
> Options:
>
> 1) Release 2.9.2 as-is (with security blockers not yet addressed) . No
> change from current plan.
> 2) Release with anti-samy but with default off (which means the default
> will also not be addressing security blockers, but make it easier to add in
> later). Will likely impact schedule.
> 3) Release with anti-samy on - (A) set to low OR (B) set to high (either
> setting solves current security issues). Will likely impact schedule.
>
> Variances:
> ------------------------
> a)  Delaying the release to find someone who can run it for a little while
> (for quality purposes). UCT was mentioned as a potential candidate. For
> U.S. schools timing does not seem ideal to get this change in.
>
> B)  release 2.9.2 as-is (option #1) and then make anti-samy the focus for
> a 2.9.3 release. So instead of a summer time release (which had not yet
> been decided, but just some discussion), we would base the schedule of
> 2.9.3 on the needs of the Antisamy fix (what would that schedule look
> like?). The hope/idea is that we would be able to flip this release out
> faster, since we would be focused just on that one goal (though may be a
> challenge to keep other things from creeping in).
>
> Thoughts?
>
> Cheers,
>
>
> Neal Caidin
>
> Sakai CLE Community Coordinator
> nealcaidin at sakaifoundation.org
> Skype: nealkdin
> AIM: ncaidin at aol.com
>
>
>
>
>
>
> _______________________________________________
> sakai2-tcc mailing list
> sakai2-tcc at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai2-tcc
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai2-tcc/attachments/20130328/dd1576ed/attachment.html 