lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20080512221109.4fa51a71@core>
Date:	Mon, 12 May 2008 22:11:09 +0100
From:	Alan Cox <alan@...rguk.ukuu.org.uk>
To:	Jiri Slaby <jirislaby@...il.com>
Cc:	Jonathan Corbet <corbet@....net>, linux-kernel@...r.kernel.org
Subject: Re: Tracking and crediting bug reporters

> > I cannot add a tag with a third party personal information upon it
> > without their permission nor can anyone else in a part of the world with
> > any vaguely resembling privacy laws.
> 
> IANAL. Unless it's a public information, no? (As reports are.)

If they made it public fine - although building a database of that
requires care. That was my point. You need specific permission of the bug
reporter. Given bug reporters may have personal reasons (including 'works
at Microsoft') and business ones (from 'company policy' to 'three letter
agency') for not wanting the information public.

> Otherwise we would be in a big trouble, since we do this as far as can git 
> history tell at least.

No: The Signed-off-by in GIT references the 1.1 contributor agreement
which specifically deals with that case.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ