[tor-bugs] #30881 [Internal Services/Tor Sysadmin Team]: answer the opsreportcard questionnaire, AKA the "limoncelli test"

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Oct 3 19:36:36 UTC 2019


#30881: answer the opsreportcard questionnaire, AKA the "limoncelli test"
-------------------------------------------------+-------------------------
 Reporter:  anarcat                              |          Owner:  anarcat
     Type:  task                                 |         Status:
                                                 |  assigned
 Priority:  Medium                               |      Milestone:
Component:  Internal Services/Tor Sysadmin Team  |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:                                       |  Actual Points:
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by anarcat):

 = Section G: Security Practices

 == 28. Do Desktops/laptops/servers run self-updating, silent, anti-malware
 software?

 No.

 == 29. Do you have a written security policy?

 No. See http://www.sans.org/security-resources/policies/ for an example.

 == 30. Do you submit to periodic security audits?

 No.

 == 31. Can a user's account be disabled on all systems in 1 hour?

 Yes, through LDAP, although some services are not directly hooked into
 LDAP.

 == 32. Can you change all privileged (root) passwords in 1 hour?

 No.

 = Score: 0.5/5

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30881#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list