ropsec: a package for easing operations security for the R user
Ildikó Czeller
July 11, 2019
Transcript
{ropsec}: R OPerations SECurity unconf ‘18 project on GitHub
security is important ... but unnecessarily hard
@czeildi, Data Scientist @Emarsys

Are you who you say you are? verify authenticity of commits

without signing

with signing
• Person 1 as person 1: good commit
• Person 2 as person 2: good commit
• Person 3 as person 1: evil commit

GitHub / web of trust
sign with , GitHub verifies with

specific technology
• OpenPGP: standard
• gpg: low-level
• ropsec: end2end

ropsec::sign_commits_with_key()

    Do you want to sign future commits with `9958986BA31B2E1E`?
    This will set your user.email from [email protected] to [email protected].
    1: Yes
    2: No

reduce risk of mistake

ropsec::store_public_key()

    Public GPG key is uploaded to GitHub.
    Unauthorized request. Check your token.
    Uploaded key is unverified, emails do not match. Delete the key (https://github.com/settings/keys) and try again.

communicate status

testing global changes
• askYesNo, getPass::getPass
• git2r::config
• gpg::gpg_keygen

testing global changes

    library(testthat)  # expect_error()
    library(mockery)   # stub()

    # throws error if password prompt cancelled:
    # replace the interactive password prompt with a stub returning NULL
    stub(generate_key, "getPass::getPass", NULL)
    expect_error(
      generate_key("John Doe", "[email protected]"),
      "GPG key generation cancelled by user"
    )

ropsec::full_on_audit()$suggestions
• Use SSH key of size at least 2048
• Install a PAM module for password strength testing like pam_cracklib

audit your computer in detail

{ropsec}: available on GitHub
• sign your commits
• audit your computer
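
The three-commit scenario from the slides (two authors committing as themselves, one commit made under someone else's name) can be checked with git's own signature status codes. This is an added example, not part of the talk or of ropsec: it works on plain `git log --format='%G?|%ae|%h'` output rather than the package, and the addresses, hashes and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not ropsec code): review commit signature status.
# Input lines have the form "<status>|<author email>|<short hash>",
# as produced by:  git log --format='%G?|%ae|%h'

# Constructed sample mirroring the slide: persons 1 and 2 sign their own
# commits; a third commit claims person 1 as author but carries no signature.
sample_log() {
cat <<'EOF'
G|person1@example.org|a1b2c3d
G|person2@example.org|b2c3d4e
N|person1@example.org|c3d4e5f
EOF
}

# Print one line for every commit whose authorship is not backed by a
# good signature from a trusted key.
flag_unverified() {
    while IFS='|' read -r status email hash; do
        case "$status" in
            G) ;;                                          # good signature
            N) echo "$hash $email unsigned" ;;
            B) echo "$hash $email bad-signature" ;;
            U) echo "$hash $email good-signature-unknown-validity" ;;
            X|Y|R) echo "$hash $email expired-or-revoked" ;;
            E) echo "$hash $email cannot-check-missing-key" ;;
            *) echo "$hash $email unrecognised-status" ;;
        esac
    done
}

# Print author emails that appear on both verified and unverified commits:
# the pattern left behind when someone commits under a signer's name.
mixed_authors() {
    awk -F'|' '
        $1 == "G" { good[$2] = 1; next }
        { other[$2] = 1 }
        END { for (e in other) if (e in good) print e }
    '
}

# Stand-alone run on the constructed sample; in a repository, pipe the
# git log command shown at the top into the same functions.
sample_log | flag_unverified
sample_log | mixed_authors
```
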