Re: problems with redhat bugzilla?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sex, 2015-10-02 at 17:11 -0400, Felix Miata wrote:
> Sérgio Basto composed on 2015-10-02 13:23 (UTC+0100):
> 
> > On Sex, 2015-10-02 at 12:37 +0200, Karel Volný wrote:
> 
> >> > Maybe my assumption was not totally correct but now bugzilla says:
> 
> >> > The password must contain at least one:
> 
> >> >     letter
> >> >     special character
> >> >     digit
> 
> >> and 8 characters minimum length
> 
> > if Bugzilla enforce 8 characters minimum length , it is a strong
> > password ! 
> > if not , it should. 
> 
> Why? Exactly what is the risk that someone could access BZ via password theft
> vs. creating an account? What could be lost by keeping the old password
> requirement?

Stealing a password of a privileged user, can compromised
Bugzilla,  can be stolen ‘security-sensitive' information etc . 
We have the recent new with Mozilla: "Mozilla says hacker compromised
Bugzilla and used stolen ‘security-sensitive’ info to attack Firefox
users" and they did the attack . 

> -- 
> "The wise are known for their understanding, and pleasant
> words are persuasive." Proverbs 16:21 (New Living Translation)
> 
>  Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!
> 
> Felix Miata  ***  http://fm.no-ip.com/
> 

-- 
Sérgio M. B.

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test




[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux