No more Bugzilla for me

Felix Miata mrmazda at ij.net
Wed Apr 22 20:29:12 UTC 2009


On 2009/04/22 21:57 (GMT+0200) Emmanuel Seyman composed:

> * Felix Miata wrote:

>> OTOH, sensitive information needs protection from anyone in a position to
>> divulge without potential for recompense. Thus access to protected
>> information should be limited to non-ordinary accounts, and only those
>> non-ordinary accounts should need more than nominal security, if any security
>> at all.

> Anybody can report a bug and any bug can be caused by (or expose) a
> security exploit. Thus, all accounts are non-ordinary and they all need
> strong passwords.

On the contrary, anyone who wants one can get a Bugzilla account, which
*every* bug is exposed to the whole world to see, until such time as that bug
is restricted to extraordinary accounts, those that are unavailable to every
Tom, Dick & Harry. Unless that happens, there is no actual security at all,
regardless of password policy.

In the meantime, those few bugs I filed that ever got any attention from
anyone other than myself will be unable to get any further attention from me,
only because I am forbidden from using my own choice of virtually pointless
password.
-- 
"He who works his land will have abundant food, but the
one who chases fantasies will have his fill of poverty."
				Proverbs 28:19 NIV

 Team OS/2 ** Reg. Linux User #211409

Felix Miata  ***  http://fm.no-ip.com/




More information about the fedora-devel-list mailing list