Forums » Open discussion »
Security Audit of Redmine
Added by Bernd May over 13 years ago
Hey, I am fairly new to web app deployment but one issue just keeps nagging at me since I began with redmine in our corporate network. We have to enable some sort of public access from the big evil net and all the weird, mad and evil people out there and it pains me to do so without at least a little security testing.
Before I do so and start to dig into the wonderful world of web app security testing tools, I would like to know, if anyone has already security tested. If you did, with what, how and what were your results?
I will, probably during the next days try my first steps with google skipfish and then share my results and would be thankful for any replies
regards
Bernd
I have done several security audits on Redmine as well as talked with people who have also done some. You are welcome to do your own audit, there is a Ruby on Rails Guide for Security that should get you started.
If you think you found something, please use our submitting a security bug process so we can make sure to handle them safely.
Thanks.
Eric Davis
RE: Security Audit of Redmine
-
Added by Eric Davis over 13 years ago