Closed
Bug 3614
Opened 26 years ago
Closed 24 years ago
Security needs improvement (REMOTE_HOST doesn't cut it)
Categories
(Bugzilla :: Bugzilla-General, defect, P3)
Tracking
()
People
(Reporter: terry, Assigned: justdave)
Details
part of bugzilla's security is dependent on the REMOTE_HOST environment
variable, but it seems that apache doesn't always set that. Need to find
the right thing to use.
Reporter | ||
Comment 1•26 years ago
|
||
Reassigning to dmose@mozilla.org, who now has front-line responsibility for
all Bonsai and Bugzilla bugs.
Reporter | ||
Comment 2•26 years ago
|
||
Reassigning back to me. That stuff about me no longer being the front-line
person responsible for Bugzilla and Bonsai turned out to be short-lived.
Please pardon our confusion, and I'm very sorry about the spam.
Comment 3•26 years ago
|
||
Terry, when you find a better way of doing security please tell me about it,
because REMOTE_HOST is the only way of authenticating cookies that I could
think about when doing my own scripts (without storing passwords on the
client, which is even worse), and using cookies is the only way I have found of
not asking someone to login for every form!
Reporter | ||
Updated•25 years ago
|
Status: NEW → ASSIGNED
Updated•25 years ago
|
QA Contact: matty
Reporter | ||
Comment 4•25 years ago
|
||
tara@tequilarista.org is the new owner of Bugzilla and Bonsai. (For details,
see my posting in netscape.public.mozilla.webtools,
news://news.mozilla.org/38F5D90D.F40E8C1A%40geocast.com .)
Assignee: terry → tara
Status: ASSIGNED → NEW
Comment 5•24 years ago
|
||
The solution is to use Digest Authentication or Basic Authentication and SSL.
*** This bug has been marked as a duplicate of 20122 ***
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → DUPLICATE
Assignee | ||
Comment 7•23 years ago
|
||
moving to Bugzilla product
reassign to default owner/qa for INVALID/WONTFIX/WORKSFORME/DUPLICATE
Assignee: tara → justdave
Component: Bugzilla → Bugzilla-General
Product: Webtools → Bugzilla
Version: other → unspecified
Updated•12 years ago
|
QA Contact: matty_is_a_geek → default-qa
You need to log in
before you can comment on or make changes to this bug.
Description
•