https://bugs.winehq.org/show_bug.cgi?id=47628
Bug ID: 47628 Summary: "Security" keyword option Product: WineHQ Bugzilla Version: unspecified Hardware: x86 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: bugzilla-unknown Assignee: wine-bugs@winehq.org Reporter: jebeld17@gmail.com CC: austinenglish@gmail.com Distribution: ---
To help tag security bugs and issues easier quicker, the Wine bug tracker should feature "Security" under the 'Keywords' section for bugs.
https://bugs.winehq.org/show_bug.cgi?id=47628
Zebediah Figura z.figura12@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |z.figura12@gmail.com
--- Comment #1 from Zebediah Figura z.figura12@gmail.com --- I don't have the power to add keywords, but this seems sensible to me, at least on a provisional basis.
https://bugs.winehq.org/show_bug.cgi?id=47628
--- Comment #2 from Austin English austinenglish@gmail.com --- Do you have some example bugs where this would be used?
https://bugs.winehq.org/show_bug.cgi?id=47628
--- Comment #3 from jebeld17@gmail.com --- Do I need one? I mean, even if there are no current Security bugs, that doesn't mean there can never be at some point in time.
https://bugs.winehq.org/show_bug.cgi?id=47628
--- Comment #4 from Austin English austinenglish@gmail.com --- (In reply to jebeld17 from comment #3)
Do I need one? I mean, even if there are no current Security bugs, that doesn't mean there can never be at some point in time.
Sure, but there's also little point in adding an unused keyword.
In be addition, while security keywords may be valid against the AppDB/website, security bugs in wine itself may be WONTFIX if matches the winapi (which wine doesn't control).
https://bugs.winehq.org/show_bug.cgi?id=47628
--- Comment #5 from jebeld17@gmail.com --- How can you say it's an "unused" keyword if it doesn't exist? That makes no sense.
https://bugs.winehq.org/show_bug.cgi?id=47628
--- Comment #6 from Austin English austinenglish@gmail.com --- (In reply to jebeld17 from comment #5)
How can you say it's an "unused" keyword if it doesn't exist? That makes no sense.
You're proposing to add a new keyword, and when I asked for what bugs would use it, you gave no examples.
So, if this keyword were added, at least initially, it would be unused. I don't see the point in adding keywords we may or may not use at some point in the indefinite future.
https://bugs.winehq.org/show_bug.cgi?id=47628
--- Comment #7 from Rosanne DiMesio dimesio@earthlink.net --- (In reply to Austin English from comment #4)
security keywords may be valid against the AppDB/website,
I can think of a few AppDB bugs that would fit: 34647, 22798, 28660, 21639.
https://bugs.winehq.org/show_bug.cgi?id=47628
Fabian Maurer dark.shadow4@web.de changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |dark.shadow4@web.de
--- Comment #8 from Fabian Maurer dark.shadow4@web.de --- For Wine, "security" would be used for vulnerabilities inside Wine, right? But running programs already have full wine control, so left are attacks on wine through a third party exploit. Well, IMHO rouge applications are a way bigger threat, and we don't even have sandboxing. Just curious, is there any exploit in the wild which attacks and exploits wine?
For the website/buzilla/etc. I don't think it's needed too badly, seeing that there aren't that many open bugs anyways. There's importance for that. But maybe the website maintainers think differently, dunno.
https://bugs.winehq.org/show_bug.cgi?id=47628
--- Comment #9 from Gijs Vermeulen gijsvrm@gmail.com --- Maybe bugs 45104, 45105 and 45106 would qualify as well.
-
wine-bugs@winehq.org