A general and boring explanation on how access restrictions are handled/configured in Bugzilla currently. No opinions involved.
On Wed, 2014-06-25 at 21:18 -0700, Chris Steipp wrote:
> There are a few cases where there may be legitimate private data in a
> security bug ("look, sql injection, and here are some rows from the
> user table!", "Hey, this was supposed to be suppressed, and I can see
> it", "This user circumvented the block on this IP"). But there might
> be ways to flag or categorize a report as also including private data?
> Someone with more bugzilla experience would need to comment.

I'm not aware of any "standardized" way to do this. Current practice is described in item 2 below.

In general, Bugzilla offers two things:

1) Access restriction to all tickets in a certain product by default (like all tickets under "Security"). Only Bugzilla admins, members of the security group, the bug reporter, and people explicitly CC'ed on such a ticket can access such a ticket in such a product.

2) Separate from that, marking both attachments and specific comments in a ticket as "private". It's configured so that it can be set and seen by Bugzilla admins and members of the security group. There is a practice (tradition?) to set the 'private' flag if somebody finds or notifies about private data exposed (IPs, passwords, SSIDs), insults / personal attacks, or spam. We don't have an explicit policy defined for setting that flag.

A while ago I was told that people who by default have access to Security tickets in Bugzilla need to have an NDA [1] in place.

andre

[1] https://en.wikipedia.org/wiki/Non-disclosure_agreement

--
Andre Klapper | Wikimedia Bugwrangler
http://blogs.gnome.org/aklapper/

_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
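The two layers Andre describes (a product-level restriction on who can open a ticket at all, and a separate per-comment/attachment "private" flag that only admins and the security group can set or see) compose in a way worth making explicit: a reporter or CC'ed person can open a Security ticket yet still not see a comment that a triager has marked private. The following model is an added example written for this thread, not Bugzilla's own code; the product name "Security", the user names and the comment texts are constructed, and the assumption that tickets outside the restricted product are public is mine.

```python
"""Policy-as-code model of the two-layer Bugzilla access rules from the mail.

Added example, not Bugzilla's implementation. It encodes the rules as stated:
  rule 1: tickets in a restricted product are visible only to admins,
          security-group members, the reporter and explicitly CC'ed users;
  rule 2: the 'private' flag on a comment/attachment can be set and seen
          only by admins and security-group members.
"""
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List

# Constructed product name, matching the example in the mail.
SECURITY_PRODUCT = "Security"


@dataclass(frozen=True)
class User:
    name: str
    admin: bool = False
    security_group: bool = False


@dataclass
class Comment:
    author: str
    text: str
    private: bool = False


@dataclass
class Ticket:
    product: str
    reporter: str
    cc: FrozenSet[str] = field(default_factory=frozenset)
    comments: List[Comment] = field(default_factory=list)


def can_view_ticket(user: User, ticket: Ticket) -> bool:
    """Rule 1. Assumption: products other than the restricted one are public."""
    if ticket.product != SECURITY_PRODUCT:
        return True
    return (user.admin or user.security_group
            or user.name == ticket.reporter or user.name in ticket.cc)


def can_set_private(user: User) -> bool:
    """Rule 2: only admins and security-group members may set (or see) the flag."""
    return user.admin or user.security_group


def can_view_comment(user: User, ticket: Ticket, comment: Comment) -> bool:
    """Rule 2 layered on rule 1: never show a comment on a ticket the user
    cannot open, and hide private comments from everyone who could not set
    the flag themselves (that includes the reporter and CC'ed users)."""
    if not can_view_ticket(user, ticket):
        return False
    if comment.private:
        return can_set_private(user)
    return True


def visible_comments(user: User, ticket: Ticket) -> List[str]:
    """Text of the comments this user is allowed to read, in ticket order."""
    return [c.text for c in ticket.comments if can_view_comment(user, ticket, c)]


def mark_private(user: User, comment: Comment) -> bool:
    """Apply the flag only if the actor is allowed to; report whether it took."""
    if not can_set_private(user):
        return False
    comment.private = True
    return True


def demo() -> Dict[str, List[str]]:
    """Constructed scenario: a Security ticket with one public report comment
    and one private triage comment; returns what each role can read."""
    triager = User("triager", security_group=True)
    reporter = User("reporter")
    ccd = User("ccd")
    outsider = User("outsider")
    ticket = Ticket(SECURITY_PRODUCT, reporter="reporter", cc=frozenset({"ccd"}))
    ticket.comments = [
        Comment("reporter", "steps to reproduce"),
        Comment("triager", "rows from the user table (constructed)", private=True),
    ]
    return {u.name: visible_comments(u, ticket)
            for u in (triager, reporter, ccd, outsider)}


if __name__ == "__main__":
    for role, texts in demo().items():
        print(f"{role:9s} sees {texts}")
```

The point of `can_view_comment` is the ordering of the two checks: the private flag is evaluated only after the product restriction, so the flag narrows the audience but never widens it, and a user who cannot open the ticket gets nothing regardless of how comments are flagged.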