[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Anyone can manipulate any bug report

On Thu, 8 May 1997, Ian Jackson wrote:

> This is operating as designed.  The only other thing to do would be to
> require PGP authentication on all control messages, and to keep an
> up-to-date list of the authorised developers in the bug system.

One item that came to mind when I was forwarding my first bug report today
(and the reason I am writing this note) was that the control mailserver
document states that the control mailserver will stop parsing after it
reaches a "--" so that it won't parse signatures. When I forwarded the
report, I didn't know if I should PGP sign it and then realized that if I
did, the message body would start off with "-----BEGIN PGP SIGNATURE-----"
and therefore the body contents would not be parsed (although I may be
missing something). If I am correct, shouldn't the documentation state
this possible problem? Cheers, Colin.

	  Colin R. Telmer, Institute of Intergovernmental Relations
	   Queen's University, Kingston, Ontario, Canada, K7L-3N6
      Phone: (613)545-6000 ext 4219 Email: telmerco@qed.econ.queensu.ca
     PGP Fingerprint = 09 E9 DA 66 9C EE 33 DC  B8 3B 97 0E 01 BC EC 0B
	     PGP Public Key: finger telmerco@terrapin.queensu.ca

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to: