Matthew Miller wrote:
On Fri, Mar 18, 2005 at 06:47:16PM +0100, Enrico Scholz wrote:
* you need a strong authentication for the actions causing certain actions
(e.g. QA decisions leading to package-builds, tickets which will be
autobuilt (e.g. updates of "trusted" people)). This is required as an
automated packagebuild and -publication process is extremely attractive
for attackers (IMO).
Bugzilla *could* have better authentication, though. I believe the auth
stuff is now all modularized.
Yes. It supports auth though several different methods.
* Bugzilla does not have an authorisation system for the ticket lifecycle
(e.g. only owner of ticket can verify final build)
I can see how having that would be good, so that good practices are
You could do this on the application level using special permission
groups. This is how we enforce workflow here at RH.
* Bugzilla does not have a voting system with authentication
Hmmm. Would this really be helpful?
* Bugzilla is unsafe as authentication happens by a predicatable
login_cookie (small integer increased by one at every login).
However, this login_cookie is tied to IP address, so while that's still bad,
it's not as horrible as it sounds. (Oh, I see comments from you in the
bugzilla bug about this already.) Anyway, not that I'm volunteering right
now, but I don't think it'd be a herculean effort to make it work in a Whol
Yeah it is not optimal. It is tied to the IP address which helps some.
There is work in the BZ community to switch to unique hashes as the
identifier but this is not widely used yet. I hope to switch our over to
that when it has had some good testing.
David Lawrence <dkl@xxxxxxxxxx>
Red Hat Quality Assurance
fedora-extras-list mailing list