Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
ropsec: a package for easing operations security for the R user
Search
Ildikó Czeller
July 11, 2019
Programming
2
420
ropsec: a package for easing operations security for the R user
Ildikó Czeller
July 11, 2019
Tweet
Share
More Decks by Ildikó Czeller
See All by Ildikó Czeller
Making Email Campaigns More Effective: Send Time Optimization
czeildi
0
210
belgrade2018_satrday_oop_Ildi_Czeller.pdf
czeildi
0
46
The essentials to work with object-oriented systems in R
czeildi
0
56
Making email campaigns more effective: Send time optimization
czeildi
0
110
Other Decks in Programming
See All in Programming
ゆるい個人開発のススメ
kuroppe1819
10
990
OpenAPIを中心に考えるAPI開発入門 / Introduction to API Development with a Focus on OpenAPI
seike460
PRO
2
170
見た目から始める生産性向上
ikumatadokoro
7
840
GitHub Copilotのススメ
marcy731
1
200
障害対応を起点としたもっといい開発と運用のサイクル作りのためにできること / Hatena Enginner Seminar #29
polamjag
0
170
Git Rebase
bkuhlmann
11
1.6k
Fragment Composition of GraphQL
quramy
7
980
エンターテイメント業界で利用されるAWS
demuyan
0
210
使ってみよう Azure AI Document Intelligence
kosmosebi
2
310
dbtのドメイン分割による データ基盤の改善とDigdagとの連携
sakama
0
320
Apache Hive 4 on Treasure Data
ryukobayashi
0
310
Blue/Greenデプロイの導入による 運用フローの改善
kudoas
1
380
Featured
See All Featured
Rails Girls Zürich Keynote
gr2m
91
13k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
34
8.9k
[RailsConf 2023] Rails as a piece of cake
palkan
23
3.9k
Designing the Hi-DPI Web
ddemaree
276
33k
For a Future-Friendly Web
brad_frost
172
9k
A Tale of Four Properties
chriscoyier
151
22k
What the flash - Photography Introduction
edds
64
11k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
322
20k
Web development in the modern age
philhawksworth
202
10k
Design by the Numbers
sachag
274
18k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
14
1.5k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
227
16k
Transcript
{ropsec}: R OPerations SECurity unconf ‘18 project on GitHub
... but unnecessarily hard @czeildi Data Scientist @Emarsys security is
important ...
Are you who you say you are? verify authenticity of
commits @czeildi Data Scientist @Emarsys
without signing @czeildi Data Scientist @Emarsys
with signing @czeildi Data Scientist @Emarsys
• Person 1 as person 1: good commit • Person
2 as person 2: good commit • Person 3 as person 1: evil commit @czeildi Data Scientist @Emarsys
@czeildi Data Scientist @Emarsys GitHub / web of trust sign
with , GitHub verifies with
@czeildi Data Scientist @Emarsys GitHub / web of trust sign
with , GitHub verifies with
specific technology • OpenPGP: standard • gpg : low-level •
ropsec : end2end @czeildi Data Scientist @Emarsys
ropsec::sign_commits_with_key() Do you want to sign future commits with `9958986BA31B2E1E`?
This will set your user.email from
[email protected]
to
[email protected]
. 1: Yes 2: No reduce risk of mistake @czeildi Data Scientist @Emarsys
ropsec::store_public_key() Public GPG key is uploaded to GitHub. Unauthorized request.
Check your token. Uploaded key is unverified, emails do not match. Delete the key (https://github.com/settings/keys) and try again. communicate status @czeildi Data Scientist @Emarsys
• askYesNo, getPass::getPass • git2r::config • gpg::gpg_keygen testing global changes
@czeildi Data Scientist @Emarsys
#throws error if password prompt cancelled: stub(generate_key, "getPass::getPass", NULL) expect_error(
generate_key("John Doe", "
[email protected]
"), "GPG key generation cancelled by user" ) testing global changes @czeildi Data Scientist @Emarsys
ropsec::full_on_audit()$suggestions • Use SSH key of size at least 2048
• Install a PAM module for password strength testing like pam_cracklib audit your computer in detail @czeildi Data Scientist @Emarsys
{ropsec}: available on GitHub • sign your commits • audit
your computer