savannah-hackers-public
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-hackers-public] Remove resume feature to prevent abuse?

From: John Sullivan
Subject: Re: [Savannah-hackers-public] Remove resume feature to prevent abuse?
Date: Mon, 11 Mar 2019 09:20:47 -0700
User-agent: K-9 Mail for Android 
On March 11, 2019 9:03:32 AM PDT, Ineiev <address@hidden> wrote:
>On Sat, Mar 09, 2019 at 09:14:09AM -0800, John Sullivan wrote:
>> 
>> Both make sense to me. Retaining old inactive data is a security risk
>--
>> magnifies the impact of any database breach.
>
>I checked the records for <rms> as a datapoint. that account
>has never been used in any trackers, and there was a period
>of 6 years when essentially no group status for that account
>was modified. of course, he did commit to VCS, but this is
>considerably harder to check.

Yes, I'm sure we would need a whitelist for certain special accounts like RMS.  
That's not really a data point for anything else, is it?
reply via email to
[Prev in Thread] Current Thread [Next in Thread]