[Bug 47628] New: "Security" keyword option
https://bugs.winehq.org/show_bug.cgi?id=47628 Bug ID: 47628 Summary: "Security" keyword option Product: WineHQ Bugzilla Version: unspecified Hardware: x86 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: bugzilla-unknown Assignee: wine-bugs(a)winehq.org Reporter: jebeld17(a)gmail.com CC: austinenglish(a)gmail.com Distribution: --- To help tag security bugs and issues easier quicker, the Wine bug tracker should feature "Security" under the 'Keywords' section for bugs. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47628 Zebediah Figura <z.figura12(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |z.figura12(a)gmail.com --- Comment #1 from Zebediah Figura <z.figura12(a)gmail.com> --- I don't have the power to add keywords, but this seems sensible to me, at least on a provisional basis. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47628 --- Comment #2 from Austin English <austinenglish(a)gmail.com> --- Do you have some example bugs where this would be used? -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47628 --- Comment #3 from jebeld17(a)gmail.com --- Do I need one? I mean, even if there are no current Security bugs, that doesn't mean there can never be at some point in time. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47628 --- Comment #4 from Austin English <austinenglish(a)gmail.com> --- (In reply to jebeld17 from comment #3)
Do I need one? I mean, even if there are no current Security bugs, that doesn't mean there can never be at some point in time.
Sure, but there's also little point in adding an unused keyword. In be addition, while security keywords may be valid against the AppDB/website, security bugs in wine itself may be WONTFIX if matches the winapi (which wine doesn't control). -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47628 --- Comment #5 from jebeld17(a)gmail.com --- How can you say it's an "unused" keyword if it doesn't exist? That makes no sense. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47628 --- Comment #6 from Austin English <austinenglish(a)gmail.com> --- (In reply to jebeld17 from comment #5)
How can you say it's an "unused" keyword if it doesn't exist? That makes no sense.
You're proposing to add a new keyword, and when I asked for what bugs would use it, you gave no examples. So, if this keyword were added, at least initially, it would be unused. I don't see the point in adding keywords we may or may not use at some point in the indefinite future. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47628 --- Comment #7 from Rosanne DiMesio <dimesio(a)earthlink.net> --- (In reply to Austin English from comment #4)
security keywords may be valid against the AppDB/website,
I can think of a few AppDB bugs that would fit: 34647, 22798, 28660, 21639. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47628 Fabian Maurer <dark.shadow4(a)web.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dark.shadow4(a)web.de --- Comment #8 from Fabian Maurer <dark.shadow4(a)web.de> --- For Wine, "security" would be used for vulnerabilities inside Wine, right? But running programs already have full wine control, so left are attacks on wine through a third party exploit. Well, IMHO rouge applications are a way bigger threat, and we don't even have sandboxing. Just curious, is there any exploit in the wild which attacks and exploits wine? For the website/buzilla/etc. I don't think it's needed too badly, seeing that there aren't that many open bugs anyways. There's importance for that. But maybe the website maintainers think differently, dunno. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=47628 --- Comment #9 from Gijs Vermeulen <gijsvrm(a)gmail.com> --- Maybe bugs 45104, 45105 and 45106 would qualify as well. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
participants (1)
-
wine-bugs@winehq.org