Please advise on security
Max Kanat-Alexander
mkanat at bugzilla.org
Mon Jun 18 01:46:57 UTC 2012
On 06/05/2012 08:57 AM, Steven Tierney wrote:
> I did check the Bugzilla source files but, not being very used to coding
> in Perl and not knowing how security 'works' in Bugzilla, I don't know
> where to start!
Hey Steven.
You probably want two things:
(1) Bugzilla->login(LOGIN_REQUIRED) for methods that can only be used
by logged-in users.
(2) Bugzilla->user->visible_bugs (which is defined in Bugzilla::User).
If you are going to show products and components to users as well, you
will have to do security on those in a different way.
-Max
--
Max Kanat-Alexander
Chief Architect, Community Lead, and Release Manager
Bugzilla Project
http://www.bugzilla.org/
More information about the developers
mailing list