Group Name Guessing Disclosure Policy
Max Kanat-Alexander
mkanat at bugzilla.org
Mon Jul 19 23:09:58 UTC 2010
On 07/19/2010 03:58 PM, Frédéric Buclin wrote:
> Remember that turning on the makeproductgroups parameter creates one
> group per product. Letting users guess group names means letting them
> guess product names as well, which we don't want.
That's true. Although in the case where group names are confidential,
they can rename the group name to a code name, if they know that group
names can be guessed.
-Max
--
http://www.everythingsolved.com/
Competent, Friendly Bugzilla and Perl Services. Everything Else, too.
More information about the developers
mailing list