Bug 171634
Summary: | Bugzilla knows only of confidential bugs, not of bugs with confidential triggers | ||
---|---|---|---|
Product: | [Community] Bugzilla | Reporter: | Horst H. von Brand <vonbrand> |
Component: | Bugzilla General | Assignee: | Simon Green <sgreen> |
Status: | CLOSED WONTFIX | QA Contact: | Kevin Baker <kbaker> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 3.6 | CC: | ebaak, ineilsen, kbaker, sgreen |
Target Milestone: | --- | Keywords: | FutureFeature, Reopened |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Enhancement | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-05-10 13:04:42 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Horst H. von Brand
2005-10-24 16:13:12 UTC
Red Hat's current Bugzilla version is 2.18. I am moving all older open bugs to this version. Any bugs against the older versions will need to be verified that they are still bugs. This will help me also to sort them better. Red Hat Bugzilla is now using version 3.2 of the Bugzilla codebase and therefore this bug will need to be re-verified against the new release. With the updated code this bug may no longer be relevant or may have been fixed in the new code. Updating bug version to 3.2. currently in bugzilla we can mark attachments and comments as private so only specific people would be able to see those parts of the bug, whereas the bug report itself can be made public. To be able to set attachments and comments to private and to see them you need to be in the insidergroup in bugzilla, and actually only redhat employees can be members of that group. This is not enough to me. I did run into problems where the only known trigger was a file with sensitive data (like personal data and grades). For some reason or the other scrubbing the file (replacing by random numbers, names, ...) either was not an option or made the bug go away, or a made up file did not show the problem. It'd be fine with me if only RH people (or some other similarly restricted group) can see such data, but not everybody. BTW, how do I reopen a bug? This only gives me the CLOSED and ASSIGNED states. Changing state to ASSIGNED is the same as reopening the bug. It also will add Reopened keyword as well to show up on people's search filters. Red Hat Bugzilla is now using version 3.4 of the Bugzilla codebase and therefore this feature will need to be implemented against the new release. Updating bug version to 3.2. Red Hat has now upgraded to Bugzilla 3.6 and this bug will now be reassigned to that version. It would be helpful to the Bugzilla Development Team if this bug is verified to still be an issue with the latest version. If it is no longer an issue, then feel free to close, otherwise please comment that it is still a problem and we will try to address the issue as soon as we can. Thanks Bugzilla Development Team (In reply to comment #4) > This is not enough to me. Unfortunately Bugzilla isn't equipped to handle this situation, as per Noura's comment. The best thing to do in this case is make a comment that you have a file that has confidential information. The bug assignee may ask you to e-mail them the file outside Bugzilla, and optionally add it to the bug as a private attachment only visible to people in the insiders group. |