* Felix Miata [22/04/2009 22:35] : > > On the contrary, anyone who wants one can get a Bugzilla account, which > *every* bug is exposed to the whole world to see, until such time as that bug > is restricted to extraordinary accounts, those that are unavailable to every > Tom, Dick & Harry. Unless that happens, there is no actual security at all, > regardless of password policy. Yup. That's why you have the option at all times to mark a bug as being security sensitive, which you should do as soon as you realize that a security exploit might be in question. > In the meantime, those few bugs I filed that ever got any attention from > anyone other than myself will be unable to get any further attention from me, > only because I am forbidden from using my own choice of virtually pointless > password. I'm just saying that all Bugzilla need strong passwords, nothing else. Personally, I would argue that the current policy encourages weak password but that's just a gut feeling. Emmanuel -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
