#4974 [RFE] Run a suite of penetration tests against IPA interfaces
Opened 10 years ago by dpal. Modified 9 months ago

Tests should cover attacks over:

- LDAP
- Kerberos
- RPC
- DNS

protocols.
The tests should be part of the CI automation.


Metadata Update from @dpal:
- Issue assigned to someone
- Issue set to the milestone: Ticket Backlog

8 years ago

To narrow down the scope of what this issue is asking for:
Static code testing?
Dynamic code testing?
Code quality?
Does Pagure have some kind of integrated security tools to assist projects?

There are some GitHub apps that could potentially be integrated to do some of these tasks with the GitHub mirror. I am not sure if any of them are free.
https://github.com/marketplace?type=apps&category=code-quality
https://github.com/marketplace?type=apps&category=code-review
https://github.com/marketplace?type=apps&category=security

One such workflow I could see is a git commit is made, RPMs are created, a container is then built, a scan is run to test the web server and the cli tools, a report is generated and distributed/posted somewhere.
