Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • H HTTPS Everywhere EFF
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Issues 0
    • Issues 0
    • List
    • Boards
    • Service Desk
    • Milestones
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
  • Activity
  • Create a new issue
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • Applications
  • HTTPS Everywhere EFF
  • Issues
  • #2160
Closed
Open
Issue created Nov 06, 2010 by Mike Perry@mikeperryDeveloper

Document rule review process

We need to publicly document our rule review process in the rule development howto. The document should be written to be read by rule authors as well as rule set administrators/reviewers. It should describe both common pitfalls in rule authorship, as well as potential vectors for malicious rules, and examples of each.

To motivate this, it should also briefly define an adversary model. As far as I am aware, the two classes of adversaries we face are network adversaries that exploit poorly written existing rules, and rule author adversaries that try to subtly smuggle malicious rewrite rules into rulesets for purposes of MITM/phishing.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking