cvs commit: www/en/cgi Makefile query-pr.cgi querypr-code.cgi
Ceri Davies
ceri at submonkey.net
Sat Nov 19 04:24:52 PST 2005
On Sat, Nov 12, 2005 at 10:35:29AM -0700, M. Warner Losh wrote:
> In message: <20051112172425.GU94004 at submonkey.net>
> Ceri Davies <ceri at submonkey.net> writes:
> : > > > No, just add f=raw to get the raw PR without markup.
> : > > > http://www.freebsd.org/cgi/query-pr.cgi?pr=<PR#>&f=raw
> : > > > ^^^^^^
> : > >
> : > > If you do that, then the address is in the PR header anyway, so where's
> : > > the problem? (yes, that elides the usefulness a little, but raw links
> : > > are not presented on the site and are therefore less spiderable).
>
> <a little off-topic text deleted>
>
> Ahem. Gettback back on track...
>
> I've had a couple of private suggestions sent to me.
>
> The first is to create a raw-query-pr.cgi that will just serve up one
> PR in raw format with no links to this page.
>
> The second is to add another parameter to query-pr that changes
> quarterly. pass=bluestarts this quarter, pass=yellowdiamons next, etc
> (well, we wouldn't use the ingrediants to lucky charms as a
> password). This level of security is the same that exist on certain
> invitation only IRC channels that are out there. Someone has to tell
> you the password, and the password changes from time to time. Since
> developer mail is project confidencial, I would guess it would be
> sufficient to email the new password once a quarter.
I have another idea. Committers could add a world-readable
~/.querypr.pass to their home directories containing a string that
authenticates them for seeing email addresses. Then we have some method
to "login" (ie, set a cookie) that lasts for a month. That method just
checks that the string in the cookie matches the string in
~/.querypr.pass.
Anyway, I think that the general consensus is that the current code
thing sucks, so I agree that it should be backed out.
Ceri
--
Only two things are infinite, the universe and human stupidity, and I'm
not sure about the former. -- Einstein (attrib.)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/cvs-all/attachments/20051119/3046fb4f/attachment.bin
More information about the cvs-all
mailing list