-
Type:
Task
-
Status: New
-
Priority:
Not specified
-
Resolution: Unresolved
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: Documentation, Security
-
Labels:
We should have a document that describes the overall security model for the whole HPCC system, detailing what checking is done, which threats we guard against, where our trust boundary is, how we maintain that trust, how we secure against embedded code, file scoping, etc. etc.
It is needed to we can model threats and then see how the system is meant to cope, and spot when security code is only creating an illusion of security, creating a backdoor, etc.
