Administrative security review
InQUIRI
Review of
Please provide a PDF documenting this review. Here is the guidance provided on the USGS software management page:
Administrative Security Review
All software must have an administrative security review before it is made publicly available by any method. This type of review ensures personal, private, or otherwise sensitive information is not included in the repository. Types of sensitive information include:
- Personally identifiable information (PII)
- Absolute file system paths
- Internal server host names or IP addresses
- Usernames/passwords
Administrative security reviews may be performed by any trusted person; the reviewer does not necessarily need a strong scientific or programming background. When migrating an existing project into any non-private Git repository, it is important to remember that the entire project history needs to be reviewed if that history is to be maintained after migration.
Review Checklist
Please check off boxes as you complete each check. If any issues are found for a given check, describe them in the comments below.
Security Review
The following types of information should not be included in the repository, including the commit history:
- Check for proprietary code
- Check for Personally Identifiable Information (PII)
- Check for other sensitive information such as usernames/passwords, absolute file system paths, internal server host names or IP addresses
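One way to support the history part of this review, as an added example that is not part of the USGS guidance or of this project: the sketch below scans text in the shape of `git log -p --all` output and flags lines added in any commit, so a value deleted by a later commit is still reported. The patterns, the function name `scan_history` and the sample log are illustrative assumptions; the patterns are heuristic and not exhaustive.

```python
import re

# Heuristic patterns for the checklist categories (assumptions, not exhaustive).
PATTERNS = {
    "absolute_path": re.compile(r"(?:/(?:home|Users)/[\w.-]+|[A-Za-z]:\\Users\\[\w.-]+)"),
    "internal_ip": re.compile(
        r"\b(?:10\.\d{1,3}|192\.168|172\.(?:1[6-9]|2\d|3[01]))\.\d{1,3}\.\d{1,3}\b"),
    "credential": re.compile(r"(?i)\b(?:password|passwd|pwd|secret|token)\b\s*[:=]\s*\S+"),
    "pii_email": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
}

def scan_history(log_text):
    """Return (commit, file, category, text) for each flagged line added in any commit."""
    findings, commit, path = [], None, None
    for line in log_text.splitlines():
        if line.startswith("commit "):
            commit = line.split()[1][:7]      # abbreviated commit id
        elif line.startswith("+++ "):
            path = line[4:]                   # file on the "after" side of the diff
        elif line.startswith("+"):            # added line; "-" and context lines are skipped
            findings += [(commit, path, cat, line[1:].strip())
                         for cat, rx in PATTERNS.items() if rx.search(line)]
    return findings

# Constructed sample in the shape of `git log -p --all` output (not a real repository).
SAMPLE_LOG = """\
commit 1111111aaaaaaa

    add loader

diff --git a/load.py b/load.py
--- /dev/null
+++ b/load.py
@@ -0,0 +1,2 @@
+DATA = "/home/jdoe/data/sites.csv"
+HOST = "10.12.0.7"
commit 2222222bbbbbbb

    remove hard-coded settings

diff --git a/load.py b/load.py
--- a/load.py
+++ b/load.py
@@ -1,2 +1 @@
-DATA = "/home/jdoe/data/sites.csv"
-HOST = "10.12.0.7"
+password = "example-only"
"""

if __name__ == "__main__":
    print(*scan_history(SAMPLE_LOG), sep="\n")
```

The path and IP address removed in the second commit are still reported against the first, which is why the review has to cover the full history and not only the current files.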
Review Comments
- [Add any review comments here]