CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Developer Discussion »
  • Google Summer of Code »
  • GSoC'2016 - Harden CiviCRM Security
Pages: [1]

Author Topic: GSoC'2016 - Harden CiviCRM Security  (Read 436 times)

TryMe

  • I’m new here
  • *
  • Posts: 3
  • Karma: 0
  • CiviCRM version: 4.7
  • CMS version: Wordpress
  • MySQL version: 5.6
  • PHP version: 5.6
GSoC'2016 - Harden CiviCRM Security
March 19, 2016, 03:42:40 pm
Hi, after haven gone through the idea list, I find this project idea of Hardening CiviCRM Security very intersting to me. Security is an issue that should seize the attention of every organization that uses or develop web-based platforms. In the case CiviCRM which is built on PHP, I presume all the security functionality that comes within the PHP's default configuration file, php.ini has been fully utilized. If that is the case, I wish to have more discussion on this in order to build a very robust list of security requirements for CiviCRM. :)

Regards
 

xavier

  • Forum Godess / God
  • I’m (like) Lobo ;)
  • *****
  • Posts: 4453
  • Karma: 161
    • Tech To The People
  • CiviCRM version: yes probably
  • CMS version: drupal
Re: GSoC'2016 - Harden CiviCRM Security
March 20, 2016, 02:19:40 pm
Hi,

Did you read the project idea? what do you think about it and how you can contribute?
-Hackathon and data journalism about the European parliament 24-26 jan. Watch out the result

TryMe

  • I’m new here
  • *
  • Posts: 3
  • Karma: 0
  • CiviCRM version: 4.7
  • CMS version: Wordpress
  • MySQL version: 5.6
  • PHP version: 5.6
Re: GSoC'2016 - Harden CiviCRM Security
March 20, 2016, 03:53:41 pm
<<Did you read the project idea?>>
Yes I have gone through the project idea and
<<what do you think about it>>
 I think it is imperative for a huge project like CiviCRM to be able to afford  a  detailed  security  review. And for us to achieve this, a thorough penetration test will have to be performed on the system so that we can identify all security loopholes on the current system adding to the ones already identified as per the discussion on the project idea page. This will then give us a good place to start building.
<<how you can contribute?>>
I will like to contribute first by working to working to fix the already identified security loopholes and then performing a detailed penetration test on CiviCRM to identify and close more security back-doors.

I wil like to get more  recommendations, especially if in your opinion I'm missing out on it.

Regards


TryMe

  • I’m new here
  • *
  • Posts: 3
  • Karma: 0
  • CiviCRM version: 4.7
  • CMS version: Wordpress
  • MySQL version: 5.6
  • PHP version: 5.6
Re: GSoC'2016 - Harden CiviCRM Security
March 22, 2016, 04:09:03 am
Hi, I have just submitted a draft proposal on the summer of code website. I wait for your recommendations.
cheers
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Developer Discussion »
  • Google Summer of Code »
  • GSoC'2016 - Harden CiviCRM Security

This forum was archived on 2017-11-26.