No more Bugzilla for me
Felix Miata
mrmazda at ij.net
Wed Apr 22 16:48:48 UTC 2009
On 2009/04/22 08:35 (GMT-0700) Adam Williamson composed:
> The point is that some Bugzilla accounts have access to such sensitive
> information, thus we need to have a reasonably strong security policy
> for Bugzilla accounts.
I don't understand. AFAIK, anyone who asks can receive an account. As a
consequence, the only real point of a password on an ordinary account is to
ensure a particular account remains associated with and used by only one person.
OTOH, sensitive information needs protection from anyone in a position to
divulge without potential for recompense. Thus access to protected
information should be limited to non-ordinary accounts, and only those
non-ordinary accounts should need more than nominal security, if any security
at all.
What am I missing?
--
"He who works his land will have abundant food, but the
one who chases fantasies will have his fill of poverty."
Proverbs 28:19 NIV
Team OS/2 ** Reg. Linux User #211409
Felix Miata *** http://fm.no-ip.com/
More information about the fedora-devel-list
mailing list