[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]


Colin Watson <cjwatson@debian.org> wrote:
> Now that we've got MIME support, at least requiring signed mails for
> things is possible. Requiring a signature for the traditional -done
> address doesn't work though - you have something like this:
> I'd quite like to see 'close' enhanced as you describe. Obviously we'd
> need to make service communicate more with the submitter, which is
> probably a good thing anyway (e.g. #93408).

ATM is is ok for the bug submitter to close his own bug, which I think
is a good idea. But checking his PGP-Sig does not work, as you've
usually got not trust in his key. _If_ he has one.

> As for other uses of signed commands: the general bug-manipulation
> commands are probably horribly contentious, as they're often used by
> non-developers to helpful effect, although reopen is arguable. spam and
> unspam sound useful and should be signed. change-submitter? Anything
> else?

I think you are proposing a too heavy solution for the problem, at
hand, i.e. spam closing, opening, or manipulating bugs.  This could be
done much simpler:
* strict syntax-checking at control@, anything that is no valid
  command is taken as 'quit'.
* do away withh XXXX-done or require a (pseudo-)Header similar to the
  one required by submit@, eg. 'X-DebBTS-close: XXXX,YYYY'. It should
  be possible to use this in the Body or the Header for people whose
  MUAs do not allow custom headers.

Requiring PGP signed messages would be the right thing to do if you
wanted to disable administrator commands for non DDs, e.g. because you
wanted to stop  some Script-Kiddie from shutting the BTS down by
closing or reopening all bugs, as a protection against spam it is much
to heavy.
                cu andreas (no DD yet)
Hey, da ist ein Ballonautomat auf der Toilette!
Unofficial _Debian-packages_ of latest unstable _tin_

Reply to: