ANNOUNCE: Review requests

Dave Lawrence dkl at redhat.com
Fri Mar 18 20:58:05 UTC 2005


Matthew Miller wrote:

>On Fri, Mar 18, 2005 at 06:47:16PM +0100, Enrico Scholz wrote:
>
>>* you need strong authentication for the actions causing certain actions
>>  (e.g. QA decisions leading to package-builds, tickets which will be
>>  autobuilt (e.g. updates of "trusted" people)). This is required as an
>>  automated packagebuild and -publication process is extremely attractive
>>  for attackers (IMO).
>
>Bugzilla *could* have better authentication, though. I believe the auth
>stuff is now all modularized.
>

Yes. It supports auth through several different methods.

>>* Bugzilla does not have an authorisation system for the ticket lifecycle
>>  (e.g. only owner of ticket can verify final build)
>
>I can see how having that would be good, so that good practices are
>actually enforced.
>

You could do this at the application level using special permission 
groups. This is how we enforce workflow here at RH.

>>* Bugzilla does not have a voting system with authentication
>
>Hmmm. Would this really be helpful?
>
>>* Bugzilla is unsafe as authentication happens by a predictable
>>  login_cookie (small integer increased by one at every login).
>
>However, this login_cookie is tied to IP address, so while that's still bad,
>it's not as horrible as it sounds. (Oh, I see comments from you in the
>bugzilla bug about this already.) Anyway, not that I'm volunteering right
>now, but I don't think it'd be a herculean effort to make it work in a Whole
>Different Way.
>

Yeah, it is not optimal. It is tied to the IP address, which helps some. 
There is work in the BZ community to switch to unique hashes as the 
identifier, but this is not widely used yet. I hope to switch ours over to 
that when it has had some good testing.

Dave


-- 
-------------------------------
David Lawrence <dkl at redhat.com>
   Red Hat Quality Assurance
-------------------------------
www.redhat.com   ftp.redhat.com
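The login_cookie weakness discussed in the thread, as an added example that is not part of the original message and not Bugzilla's code: a session store whose cookie is a small integer incremented at every login, next to one that issues a random identifier from the OS CSPRNG, both with the IP binding the thread mentions. The class names, the attacker model (an attacker who logs in, reads their own cookie, and tries the neighbouring values from the same address, e.g. behind a shared proxy) and the sample users and IP are constructed for illustration and are assumptions, not anything from Bugzilla.

```python
"""Added example: sequential login cookies vs. random session tokens.

Not Bugzilla's code. Class names, users, IP addresses and the attacker
model are constructed for illustration.
"""
import secrets


class SequentialSessions:
    """The weak scheme: the cookie is a small integer that increases by
    one at every login, so anyone who logs in learns approximately which
    cookie values other users received around the same time."""

    def __init__(self):
        self._next = 1
        self._sessions = {}  # cookie -> (user, ip)

    def login(self, user, ip):
        cookie = str(self._next)
        self._next += 1
        self._sessions[cookie] = (user, ip)
        return cookie

    def authenticate(self, cookie, ip):
        """Return the user for this cookie, or None. The IP binding means a
        guessed cookie only works from the address it was issued to."""
        entry = self._sessions.get(cookie)
        if entry is None or entry[1] != ip:
            return None
        return entry[0]


class RandomSessions(SequentialSessions):
    """Replacement: a 128-bit identifier from the OS CSPRNG. Guessing the
    space is infeasible, so the IP check becomes defence in depth rather
    than the only thing protecting a session."""

    def login(self, user, ip):
        cookie = secrets.token_hex(16)  # 32 hex chars, 128 bits of entropy
        self._sessions[cookie] = (user, ip)
        return cookie


def guess_sessions(store, attacker_cookie, ip, window=10):
    """Attacker who was just issued `attacker_cookie` tries the values on
    either side of it from the same IP. Only works when cookies are
    consecutive integers; a random hex token has no neighbours to try."""
    hijacked = []
    if not attacker_cookie.isdigit():
        return hijacked
    base = int(attacker_cookie)
    for delta in range(-window, window + 1):
        if delta == 0:
            continue
        user = store.authenticate(str(base + delta), ip)
        if user is not None:
            hijacked.append(user)
    return hijacked


def demo(store_cls):
    """Two legitimate users log in, then the attacker; all three share one
    egress IP (constructed scenario: users behind the same proxy/NAT)."""
    store = store_cls()
    ip = "198.51.100.7"
    store.login("alice", ip)
    store.login("bob", ip)
    attacker_cookie = store.login("mallory", ip)
    return guess_sessions(store, attacker_cookie, ip)


if __name__ == "__main__":
    print("sequential cookies, hijacked:", demo(SequentialSessions))
    print("random tokens, hijacked:     ", demo(RandomSessions))
```

With sequential cookies the attacker recovers both other sessions from a single login; with random tokens the guessing loop has nothing to iterate over. The IP binding still rejects a cookie presented from a different address in both stores, which is why the thread calls it a partial mitigation rather than a fix.
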
More information about the fedora-extras-list mailing list