httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Stoddard" <b...@wstoddard.com>
Subject Re: state of the bugdb
Date Tue, 10 Apr 2001 15:03:47 GMT


> On Tue, 10 Apr 2001, Marc Slemko wrote:
>
> > On Mon, 9 Apr 2001 rbb@covalent.net wrote:
> >
> > >
> > > Why don't we just use the bugzilla that is on that Sun machine?  isn't
it
> > > called nagoya.apache.org, or something like that?
> >
> > 1. we tried bugzilla before for 2.x bug reports.  result: it was used as
> > one step in a root compromise.  Sure, having it on its own box helps
> > things out.  But doesn't remove the concern.
> > 2. bugzilla doesn't, out of the box, provide some of the functionality
> > that we have now that I consider to be quite important.
> > 3. even if those weren't issues, it has to be configured and setup in a
> > way that lets it meet our needs and people have to know how it should be
> > used.
> >
> > While I am unhappily resigned to the fact that bugzilla may, in fact, form
> > the core of what the best solution is for us, I don't know that it is just
> > a drop-it-in-and-run thing.
>
> Nagoya was setup specifically to be a bugzilla machine for the ASF.  It is
> run by Pier and somebody else, who I can't remember.  The root compromise
> is not a big issue, because that machine doesn't really run anything other
> than bugzilla.

Errr... no. Root compromise of any machine on the internet is a BIG DEAL. The
data on the machine is only a minor part of the issue.

Bill


Mime
View raw message