RE: Security reports in bugzilla?

I know the bugsquad team is overloaded, and there are many bug out there,
BUT you shouldn't ignore the problem. Let's flag it and see what we can do

It is importnat for gnome to be a security concious development platform.


Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geoscience Commission
E-mail: franck sopac org <mailto:franck sopac org> 
Web site:
<> Support FMaps:

This e-mail is intended for its addresses only. Do not forward this e-mail
without approval. The views expressed in this e-mail may not be necessarily
the views of SOPAC.

-----Original Message-----
From: Elliot Lee [mailto:sopwith redhat com]
Sent: Tuesday, 18 December 2001 11:20 
To: Franck Martin
Cc: gnome-2-0-list gnome org; gnome-devel-list gnome org;
gnome-bugsquad gnome org
Subject: Re: Security reports in bugzilla?

On 18 Dec 2001, Franck Martin wrote:

> I have noticed that in bugzilla, you can't flag a problem as a
> security problem. I think it would be important for gnome to report
> bugs which may be security hazards. It becomes more and more important
> that systems shows a high level of security, and that developers are
> conscious of security implications in their development. As gnome
> brings more and more features, it may evolve as a security nighmare
> like windows products if we are not careful.
> I think with the possibility to flag a problem as a security threat,
> will bring the attention of the developers on limiting the security
> problems of their applications.
> What do you think?

The biggest problem from my point of view is that there are not enough
people to process the bugs that are filed, and adding a 'security' flag
won't really help if there is nobody fixing the problems.

There is a gnome-bugsquad list where people interested in helping sort
through bugs can coordinate. There is also a bugzilla summary report every
week on gnome-devel-list. At last count, there were around 6700 bugs open.

-- Elliot

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]