Bug#618026: ibid: Ibid 0.1.1 contains 3 security fixes
Hi Adam (2011.09.17_18:09:13_+0200)
> If you're going to do that, you need to either (preferably) CC the
> receiving package on your mail, or send a separate mail. What tends to
> happen (as in this case) is that the control@ reassign gets processed
> after the rest of the mail has been received and the new package only
> gets the control@ output with no other information.
Fair point, thanks :)
> One quick question - doesn't this change:
>
> + - logfile-visibility-567576.patch: Channels must be explicitly configured
> + to have publicly readable logs. (LP: #567576)
>
> have the potential to at least confuse users who are expecting the logs
> to be created in a publicly readable manner?
Yes. This was the simplest fix to the problem, and probably how things
should have been from the start.
I don't think there is a regression-free fix to the bug, as the bot
cannot know whether it is speaking to a public channel or a private
message, when it speaks first. (Even on IRC, not all channels are
required to have names starting with #)
SR
--
Stefano Rivera
http://tumbleweed.org.za/
H: +27 21 465 6908 C: +27 72 419 8559 UCT: x3127
Reply to: