branch whiteboards should be editable only by their owners

Bug #316773 reported by Fabien Tassin
Affects: Launchpad itself
Status: Invalid
Importance: Low
Assigned to: Unassigned
Milestone: (none)

Bug Description

Anyone could modify the whiteboard of a branch hosted on LP.
It is a security issue. Only the owner/team should be able to do that.

Worse, the email sent to the owner(s) after the change does not contain a diff exposing the changes so it's not easy to check what has just been changed.

Tags: lp-code
Fabien Tassin (fta)
description: updated
Jonathan Lange (jml) wrote :

The point of whiteboards is that anyone can edit them.

If you want to store important information about your branches, your best bet is to edit the description field.

Changed in launchpad-bazaar:
status: New → Won't Fix
Alexander Sack (asac) wrote :

Jonathan, I don't think it's that simple. Why would a branch owner allow anyone to drop/replace all whiteboard content? ... even if some don't care, the whiteboard is displayed to anyone looking at the branch details on Launchpad. Please reconsider your Won't Fix decision.

IMO, if you don't want to add fine-grained access control to whiteboards, branch owners should at least be able to disable the whiteboard completely.

Jonathan Lange (jml) wrote :

I'm always happy to reconsider decisions :)

My questions are:
    - how are you using the whiteboard such that reliably controlling it becomes a pressing need?
    - why not use the description?

I would also like to know what the policy is for other whiteboards in Launchpad, but that's something I can chase up myself.

Changed in launchpad-bazaar:
status: Won't Fix → Incomplete
Martin Albisetti (beuno) wrote :

Personally, I think whiteboards should be removed (everywhere!), and in the places where we think conversations should be had, there should be comments, and if it's more permanent, it should be descriptions.

Alexander Sack (asac) wrote :

AFAIK, this bug was triggered because we had random users editing the whiteboard with content that didn't make much sense. I don't think we use whiteboards for something.

Jonathan Lange (jml) wrote :

<jml> asac: so, IIUC, the issue was that the branch whiteboard was generating spam?
<asac> jml: more or less yes.
<asac> jml: problem is that whiteboard content is visible at a prominent place
<asac> jml: and for outsiders it doesn't really look like its content that they cannot trust. that would rather be a "Comments ..." section or something.

Jonathan Lange (jml) wrote :

- We should restrict this for now, to reduce spam.
- Contact Any User deals with many of the use-cases that whiteboards deal with
- Whiteboard requiring owner privs to edit is redundant with a description requiring owner privs to edit.
- Ideally, we'd have a wikified field with versioning, or a thread based comment system

Changed in launchpad-bazaar:
importance: Undecided → Low
status: Incomplete → Triaged
Tim Penhey (thumper) wrote :

The branch whiteboards have been removed now.

The branch summary was also removed, but is coming back as an owner editable description field.

Changed in launchpad-code:
status: Triaged → Invalid
This report contains Public Security information. Everyone can see this security-related information.