Bugzilla:FAQ:Bugzilla Security: Difference between revisions
Jump to navigation
Jump to search
(Bugzilla:FAQ 4. Bugzilla Security) |
m (category:Bugzilla; ~nav) |
||
Line 19: | Line 19: | ||
and follow the recommended security guidelines found in The Bugzilla Guide. | and follow the recommended security guidelines found in The Bugzilla Guide. | ||
[[category:Bugzilla]] | |||
{{Navigation Bugzilla FAQ}} | |||
Revision as of 20:41, 28 March 2006
General Questions
Managerial Questions
Administrative Questions
Bugzilla Security
How do I completely disable MySQL security if it's giving me problems? (I've followed the instructions in the installation section of this guide...)
Run MySQL like this: mysqld --skip-grant-tables. Please remember that this makes MySQL as secure as taping a $100 to the floor of a football stadium bathroom for safekeeping.
- This can't be stressed enough. Doing this is a bad idea. Please consult
Section 4.2 of this guide and the MySQL documentation for better solutions.
Are there any security problems with Bugzilla?
The Bugzilla code has undergone a reasonably complete security audit, and user-facing CGIs run under Perl's taint mode. However, it is recommended that you closely examine permissions on your Bugzilla installation, and follow the recommended security guidelines found in The Bugzilla Guide.