problems with redhat bugzilla?
Sérgio Basto
sergio at serjux.com
Fri Oct 2 21:36:37 UTC 2015
On Sex, 2015-10-02 at 17:11 -0400, Felix Miata wrote:
> Sérgio Basto composed on 2015-10-02 13:23 (UTC+0100):
>
> > On Sex, 2015-10-02 at 12:37 +0200, Karel Volný wrote:
>
> >> > Maybe my assumption was not totally correct but now bugzilla says:
>
> >> > The password must contain at least one:
>
> >> > letter
> >> > special character
> >> > digit
>
> >> and 8 characters minimum length
>
> > if Bugzilla enforce 8 characters minimum length , it is a strong
> > password !
> > if not , it should.
>
> Why? Exactly what is the risk that someone could access BZ via password theft
> vs. creating an account? What could be lost by keeping the old password
> requirement?
Stealing a password of a privileged user, can compromised
Bugzilla, can be stolen ‘security-sensitive' information etc .
We have the recent new with Mozilla: "Mozilla says hacker compromised
Bugzilla and used stolen ‘security-sensitive’ info to attack Firefox
users" and they did the attack .
> --
> "The wise are known for their understanding, and pleasant
> words are persuasive." Proverbs 16:21 (New Living Translation)
>
> Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!
>
> Felix Miata *** http://fm.no-ip.com/
>
--
Sérgio M. B.
More information about the test
mailing list