Launchpad allows bad names as user id
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | Launchpad itself |
Medium
|
Stuart Bishop | ||
Bug Description
Launchpad should lock "special" names... today someone added himself to the ubuntu-ve launchpad team... what got my attention was that lp allowed him to use "contactame" as lp id... which makes a very interesting issue... a user could get a ubuntu-membership and then later change his/her lp id to contactame... so his email address would be <email address hidden> (which means: <email address hidden>) and would lead to a BIG risk...
just imagine: a user comes, creates a lp account... makes himself with a ubuntu-membership, then changes his lp id to something like "<email address hidden>" or "<email address hidden>"
i suggest that "critical" words should be rejected (words in many languages... or words in the principal languages of the world...)
| Santiago Zarate (foursixnine) wrote : | #2 |
so, i guess sales, employment, and stuff are already blacklisted? do you have a public blacklist of names which cant be taken?...
| Changed in launchpad-foundations: | |
| importance: | Undecided → Medium |
| milestone: | none → 2.2.1 |
| status: | New → Triaged |
| Stuart Bishop (stub) wrote : | #3 |
Blacklist updated,
| Changed in launchpad-foundations: | |
| status: | Triaged → Fix Released |
Is there a public black-list for this? so it could be improved?
| visibility: | private → public |
Can you update our blacklist to include contact*, Stuart?