Re: Security reports in bugzilla?

From: Elliot Lee <sopwith redhat com>
To: Franck Martin <franck sopac org>
Cc: <gnome-2-0-list gnome org>, <gnome-devel-list gnome org>, <gnome-bugsquad gnome org>
Subject: Re: Security reports in bugzilla?
Date: Mon, 17 Dec 2001 18:20:00 -0500 (EST)

On 18 Dec 2001, Franck Martin wrote:

> I have noticed that in bugzilla, you can't flag a problem as a
> security problem. I think it would be important for gnome to report
> bugs which may be security hazards. It becomes more and more important
> that systems shows a high level of security, and that developers are
> conscious of security implications in their development. As gnome
> brings more and more features, it may evolve as a security nighmare
> like windows products if we are not careful.
> 
> I think with the possibility to flag a problem as a security threat,
> will bring the attention of the developers on limiting the security
> problems of their applications.
> 
> What do you think?

The biggest problem from my point of view is that there are not enough
people to process the bugs that are filed, and adding a 'security' flag
won't really help if there is nobody fixing the problems.

There is a gnome-bugsquad list where people interested in helping sort
through bugs can coordinate. There is also a bugzilla summary report every
week on gnome-devel-list. At last count, there were around 6700 bugs open.

-- Elliot

Follow-Ups:
- Re: Security reports in bugzilla?
  - From: John Fleck

References:
- Security reports in bugzilla?
  - From: Franck Martin

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]