No more Bugzilla for me

Rodd Clarkson rodd at clarkson.id.au
Wed Apr 22 04:31:53 UTC 2009


On Tue, 2009-04-21 at 17:43 -0700, Adam Williamson wrote:
> On Tue, 2009-04-21 at 17:16 -0700, Jesse Keating wrote:
> > On Wed, 2009-04-22 at 06:45 +0800, Basil Mohamed Gohar wrote:
> > > I agree, actually.  Can poorly-authenticated access to Bugzilla really 
> > > cause such a degree of havoc?
> > 
> > It can leak NDA information from Red Hat partners to non-Red Hat folks,
> > which could cause Red Hat to be sued.
> 
> So, another Red Hat issue affecting Fedora. :\ I presume the enhanced
> busybodying can't only be enforced on the accounts which can actually
> access restricted info?

Ah, I'm a little confused.

All that was requested was a change of password.  This doesn't stop Joe
Public from signing up and accessing bugzilla, and presumably doesn't
stop Joe from viewing leaky NDA's.

All it seems to do is make me have to change a password.

Surely if there are leaks using the old password, then there's still
leaks with my new password (which is actually my old password since I
went back in and changed it back).

Or am I missing something ;-]

R.


-- 
MOOSE technology
po box 6061, north croydon, vic 3136     mobile: 0403 338 731
http://www.moosetech.com.au               phone: 03 9726 9457
mailto:rodd at moosetech.com.au                fax: 03 9726 9456

"Share your knowledge.  It is a way to achieve immortality."
                                            -- The Dalai Lama
-- 
"It's a fine line between denial and faith.
 It's much better on my side"




More information about the fedora-devel-list mailing list