Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
ropsec: a package for easing operations securit...
Search
Ildikó Czeller
July 11, 2019
Programming
2
590
ropsec: a package for easing operations security for the R user
Ildikó Czeller
July 11, 2019
Tweet
Share
More Decks by Ildikó Czeller
See All by Ildikó Czeller
Making Email Campaigns More Effective: Send Time Optimization
czeildi
0
310
belgrade2018_satrday_oop_Ildi_Czeller.pdf
czeildi
0
78
The essentials to work with object-oriented systems in R
czeildi
0
88
Making email campaigns more effective: Send time optimization
czeildi
0
110
Other Decks in Programming
See All in Programming
A2A プロトコルを試してみる
azukiazusa1
2
1.3k
スタートアップの急成長を支えるプラットフォームエンジニアリングと組織戦略
sutochin26
1
4.7k
10 Costly Database Performance Mistakes (And How To Fix Them)
andyatkinson
0
230
AIエージェントはこう育てる - GitHub Copilot Agentとチームの共進化サイクル
koboriakira
0
510
ISUCON研修おかわり会 講義スライド
arfes0e2b3c
1
430
Hypervel - A Coroutine Framework for Laravel Artisans
albertcht
1
110
GraphRAGの仕組みまるわかり
tosuri13
8
530
PostgreSQLのRow Level SecurityをPHPのORMで扱う Eloquent vs Doctrine #phpcon #track2
77web
2
510
PicoRuby on Rails
makicamel
2
130
Azure AI Foundryではじめてのマルチエージェントワークフロー
seosoft
0
160
Systèmes distribués, pour le meilleur et pour le pire - BreizhCamp 2025 - Conférence
slecache
0
120
Webの外へ飛び出せ NativePHPが切り拓くPHPの未来
takuyakatsusa
2
540
Featured
See All Featured
Music & Morning Musume
bryan
46
6.6k
How GitHub (no longer) Works
holman
314
140k
Building Adaptive Systems
keathley
43
2.7k
Why Our Code Smells
bkeepers
PRO
337
57k
RailsConf 2023
tenderlove
30
1.1k
Making Projects Easy
brettharned
116
6.3k
Six Lessons from altMBA
skipperchong
28
3.9k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
281
13k
Building Applications with DynamoDB
mza
95
6.5k
Automating Front-end Workflow
addyosmani
1370
200k
Stop Working from a Prison Cell
hatefulcrawdad
270
21k
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
Transcript
{ropsec}: R OPerations SECurity unconf ‘18 project on GitHub
... but unnecessarily hard @czeildi Data Scientist @Emarsys security is
important ...
Are you who you say you are? verify authenticity of
commits @czeildi Data Scientist @Emarsys
without signing @czeildi Data Scientist @Emarsys
with signing @czeildi Data Scientist @Emarsys
• Person 1 as person 1: good commit • Person
2 as person 2: good commit • Person 3 as person 1: evil commit @czeildi Data Scientist @Emarsys
@czeildi Data Scientist @Emarsys GitHub / web of trust sign
with , GitHub verifies with
@czeildi Data Scientist @Emarsys GitHub / web of trust sign
with , GitHub verifies with
specific technology • OpenPGP: standard • gpg : low-level •
ropsec : end2end @czeildi Data Scientist @Emarsys
ropsec::sign_commits_with_key() Do you want to sign future commits with `9958986BA31B2E1E`?
This will set your user.email from
[email protected]
to
[email protected]
. 1: Yes 2: No reduce risk of mistake @czeildi Data Scientist @Emarsys
ropsec::store_public_key() Public GPG key is uploaded to GitHub. Unauthorized request.
Check your token. Uploaded key is unverified, emails do not match. Delete the key (https://github.com/settings/keys) and try again. communicate status @czeildi Data Scientist @Emarsys
• askYesNo, getPass::getPass • git2r::config • gpg::gpg_keygen testing global changes
@czeildi Data Scientist @Emarsys
#throws error if password prompt cancelled: stub(generate_key, "getPass::getPass", NULL) expect_error(
generate_key("John Doe", "
[email protected]
"), "GPG key generation cancelled by user" ) testing global changes @czeildi Data Scientist @Emarsys
ropsec::full_on_audit()$suggestions • Use SSH key of size at least 2048
• Install a PAM module for password strength testing like pam_cracklib audit your computer in detail @czeildi Data Scientist @Emarsys
{ropsec}: available on GitHub • sign your commits • audit
your computer