id	summary	keywords	status	owner	type	priority
615	Can JavaScript loaded from Tahoe access all your content which is loaded from Tahoe?	newcaps confidentiality integrity preservation capleak gsoc websec	assigned	davidsarah	defect	critical
2222	make a FAQ describing the impact of heartbleed on Tahoe-LAFS	security integrity confidentiality pyopenssl heartbleed docs	assigned	blaisep	defect	critical
127	Cap URLs leaked via HTTP Referer header	confidentiality integrity preservation capleak research websec	assigned	davidsarah	defect	major
465	add a mutable-file cache	performance cache mutable confidentiality memory	new		enhancement	major
562	"add a ""censor"" command to filter out sensitive information from log files"	privacy logging confidentiality	new	somebody	defect	major
568	make immutable check/verify/repair and mutable check/verify work given only a verify cap	confidentiality verify repair usability tahoe-check wui anti-censorship excess-authority	new	daira	defect	major
625	Can't repair read-only dirnodes/mutable-files	confidentiality integrity preservation verify repair newcaps tahoe-backup usability anti-censorship excess-authority	assigned	warner	defect	major
674	controlled access to your WUI	wui confidentiality privacy anti-censorship websec	new	nobody	enhancement	major
685	[needs test] Capability of interrupted downloads is logged in twistd.log	logging memory privacy confidentiality test-needed	new	somebody	defect	major
794	create DSA writecaps from a passphrase	newcaps newurls usability confidentiality integrity	new		enhancement	major
821	A script in a file viewed through the WUI can obtain the file's read cap	newcaps newurls confidentiality capleak websec	assigned	davidsarah	defect	major
840	Allow all CLI commands to take arguments from stdin or a file, to avoid caps being visible to other local users	security confidentiality integrity usability	new		enhancement	major
847	create internal VerifierNode/RepairerNode classes	confidentiality integrity verify repair	new	somebody	task	major
870	Prevent socket hijacking on OSes that don't prevent it by default (Windows)	security integrity confidentiality privacy windows foolscap twisted docs	assigned	davidsarah	defect	major
922	The URL of the info page for an unknown dirnode should not grant authority to the containing directory	capleak integrity confidentiality newurls	assigned	davidsarah	defect	major
995	It's way too easy to give away write directory caps	wui jsui usability confidentiality capleak websec	new	nobody	defect	major
997	The webapi/WUI should have https enabled by default	confidentiality wui webapi capleak	new	nobody	defect	major
1164	use ChaCha⊕AES encryption	confidentiality	new	somebody	enhancement	major
1176	webapi should avoid using plaintext temporary file for uploads	confidentiality	new		defect	major
1368	make the added convergence secret be a per-file configuration	defaults usability confidentiality convergence	new	nobody	defect	major
1422	https node.url is not verified by httplib	https security integrity confidentiality	new	nobody	defect	major
1415	WUI is more useful than CLI	security privacy capleak integrity confidentiality	new		defect	normal
1535	Allow restricting Tahoe-LAFS gateway to one user by supporting Unix sockets	wui cli socket unix security confidentiality integrity capleak	new		enhancement	normal
1989	"foolscap: ""an inbound callRemote ... failed"" log entries include all arguments"	memory confidentiality capleak logging foolscap	new	warner	defect	normal
2018	padding to hide the size of plaintexts	confidentiality privacy compression newcaps research	new	nejucomo	enhancement	normal
2142	How to enhance WebUI default security against capability eavesdropping?	websec confidentiality privacy wui webapi docs	new	amontero	enhancement	normal
2369	Support encryptionless sftp using sftp-over-tcp	performance security confidentiality integrity	new	HoverHell	enhancement	normal
907	Stop caps from leaking to phishing-filter servers	capleak integrity confidentiality forward-compatibility newurls docs websec	assigned	davidsarah	defect	minor