Re: Security reports in bugzilla?

On 18 Dec 2001, Franck Martin wrote:

> I have noticed that in bugzilla, you can't flag a problem as a
> security problem. I think it would be important for gnome to report
> bugs which may be security hazards. It becomes more and more important
> that systems shows a high level of security, and that developers are
> conscious of security implications in their development. As gnome
> brings more and more features, it may evolve as a security nighmare
> like windows products if we are not careful.
> I think with the possibility to flag a problem as a security threat,
> will bring the attention of the developers on limiting the security
> problems of their applications.
> What do you think?

The biggest problem from my point of view is that there are not enough
people to process the bugs that are filed, and adding a 'security' flag
won't really help if there is nobody fixing the problems.

There is a gnome-bugsquad list where people interested in helping sort
through bugs can coordinate. There is also a bugzilla summary report every
week on gnome-devel-list. At last count, there were around 6700 bugs open.

-- Elliot

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]