[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: spam closes Debian bugs!

On Wed, Mar 17, 2004 at 04:21:15AM +0100, Bernd Eckenfels wrote:
> On Wed, Mar 17, 2004 at 01:33:26PM +1100, Matthew Palmer wrote:
> > As for a malicious attack (someone getting a list of all open bug reports
> > and sending a giant "close NNN" for all of them to control@), the only way
> > to protect against that is severe restriction of the BTS controls, which is
> > going to annoy a lot of people who are currently contributing quietly but
> > who don't particularly want to go through the hassle of getting access - and
> > any meaningful form of getting access will be a hassle.
> 
> A better method is, to allow easy undo. You can for example see this in Wiki
> systems. As long as you can keep track who did what, and can undo the
> effects, you can have a authorisation less system.

I reckon we've got a pretty effective "easy undo" on the BTS, and I agree
with what you're saying here.

> Any ACL is DEADLY - it will effectively stop volunteers.

Agreed.

- Matt
Reply to: