Date: Wed, 04 Jun 2014 01:13:38 +0200 From: Michelle Sullivan <michelle@sorbs.net> To: Eitan Adler <lists@eitanadler.com> Cc: ports@freebsd.org, marino@freebsd.org, David Chisnall <theraven@freebsd.org>, Vitaly Magerya <vmagerya@gmail.com>, =?ISO-8859-1?Q?Ulrich_Sp=F6rlein?= <uqs@freebsd.org> Subject: Re: [FreeBSD-Announce] FreeBSD bug tracking moves from GNATS to Bugzilla Message-ID: <538E56A2.9070100@sorbs.net> In-Reply-To: <CAF6rxgm1n-1aYKH83-vPOS9V8X9yyt8ad1q3p3Hsty0UfswSmw@mail.gmail.com> References: <92E4FB10-DDC8-4B3E-9242-4E8494491630@FreeBSD.org> <538DBAEC.5060905@gmail.com> <AC5B5F36-CB39-40C2-8979-8D2007B0892A@FreeBSD.org> <CAJ9axoRbk4DPfptdifsAy3_oBCyjQO_kDxCVxv%2Bb1d8Tp3usgQ@mail.gmail.com> <538E01CB.1050607@marino.st> <CAF6rxgm1n-1aYKH83-vPOS9V8X9yyt8ad1q3p3Hsty0UfswSmw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Eitan Adler wrote: > On 3 June 2014 10:11, John Marino <freebsd.contact@marino.st> wrote: > >> ... it's doubtful most folks unwilling to register are >> about to make a meaningful report... >> > > This is *not* the reason for registation. > > The reason for registation is that we know from experience that having > a way to talk with the reporter drastically increases the chance that > the bug will get fixed. Registration offers verification of the > submitters email. > +1 ... actually +~ ... been there done than... at SORBS (attacked on a daily basis at times)... I went with the following that FreeBSD might find useful: 1/ No login, no information (static pages only) 2/ No Login + Catpcha (self generated, tho reCaptcha would work), limited information and rate limiting (on IP address) 3/ Login - email verified, admin *not verified* (ie general user) .. a little more information than in (2) and rate limits increased (and not limited to IP - though changing IP will require re-login). 4/ Login - email verified - admin verified (ie: privileged user) .. full (almost - based on permissions) access... rate limiting removed. how I could see that apply to FreeBSD (using the same numbering): 1/ static pages only 2/ can view a bug (and *maybe* log a bug - a single bug per day/week/month) 3/ can log a bug and view a bug 4/ can work on a bug, log a bug and view a bug. > We would rather get fewer higher quality and more engaged bugs than > what we've had in the past where bugs were a one way vent. > > To preempt the next question: why don't we allow users to submit via > email but verify with a token? That system isn't possible with how > the gateway is set up now. Its a long term possability. If someone > wants to help set that up please contact me offline (at bugmeister@). > I'm happy to help setup all sorts of anti-spam systems - feel free to mail me offlist. > What about bug followups via email? Possibly a problem (but not really - "if you're not the originator of the bug, and not logged in, you can't update it at all"..) > That one won't be supported for a > bit as we get used to bugzilla. It certainly on the cards to support > in the future. > > > > Michelle -- Michelle Sullivan http://www.mhix.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?538E56A2.9070100>