On 2009/04/22 08:35 (GMT-0700) Adam Williamson composed: > The point is that some Bugzilla accounts have access to such sensitive > information, thus we need to have a reasonably strong security policy > for Bugzilla accounts. I don't understand. AFAIK, anyone who asks can receive an account. As a consequence, the only real point of a password on an ordinary account is to ensure a particular account remains associated with and used by only one person. OTOH, sensitive information needs protection from anyone in a position to divulge without potential for recompense. Thus access to protected information should be limited to non-ordinary accounts, and only those non-ordinary accounts should need more than nominal security, if any security at all. What am I missing? -- "He who works his land will have abundant food, but the one who chases fantasies will have his fill of poverty." Proverbs 28:19 NIV Team OS/2 ** Reg. Linux User #211409 Felix Miata *** http://fm.no-ip.com/ -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
