Bug 193396 - Potential abuse of bugzilla by new users assigning CCs
Summary: Potential abuse of bugzilla by new users assigning CCs
Status: New
Alias: None
Product: Services
Classification: Unclassified
Component: Bug Tracker (show other bugs)
Version: unspecified
Hardware: Any Any
: --- Affects Some People
Assignee: Kubilay Kocak
Keywords: feature
Depends on:
Reported: 2014-09-06 14:36 UTC by smithi
Modified: 2014-09-09 20:43 UTC (History)
1 user (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description smithi 2014-09-06 14:36:19 UTC
First time users of bugzilla can submit a lot of reports and assign CCs to (in this case) freebsd-stable@freebsd.org.  Today we have 25+ messages in stable@ from one submitter who has not previously (since May) posted in any of the dozen or so lists I take, all of which, including replies, are from this one submitter.

Without someone first assigning new reports, from new subscribers, the potential to sign up with the (encouraged!) throw-away *mail address, and spam the heck out of who knows how many lists seems pretty obviously open to abuse.

I don't know - and don't have time to learn - bugzilla setup, but if there is some way that new subscribers can have their 'mayCC' bit withheld until at least one or two of their posts have been assigned as ok by a human, that would limit the potential for abuse or just cluelessness considerably.

cheers, Ian
Comment 1 smithi 2014-09-06 15:12:42 UTC
Keyword: feature as requested.
Comment 2 Marcus von Appen freebsd_committer freebsd_triage 2014-09-09 06:50:43 UTC
bugmeister considers this to be a single case for the moment and won't take action. If this should become a reoccurring issue, we will think again about the current access model for new subscribers.

I'll reject this for now (just to get it from the radar) and we can reopen the issue, if similar cases are noticed.
Comment 3 smithi 2014-09-09 12:33:31 UTC
Fair enough, thanks.
Comment 4 Kubilay Kocak freebsd_committer freebsd_triage 2014-09-09 20:43:33 UTC
Apologies, I forgot to let the team know I had requested this issue be created, that I plan to look into. 

Lowering priority to move it away from the top of the bugmeister list and assign to myself