Date: Sun, 4 Dec 2005 12:53:16 +0000 From: Ceri Davies <ceri@submonkey.net> To: "M. Warner Losh" <imp@bsdimp.com>, pav@FreeBSD.org, cvs-all@FreeBSD.org, doc-committers@FreeBSD.org, cvs-doc@FreeBSD.org Subject: Re: cvs commit: www/en/cgi Makefile query-pr.cgi querypr-code.cgi Message-ID: <20051204125315.GB51395@submonkey.net> In-Reply-To: <20051119122451.GG94004@submonkey.net> References: <20051112141152.GT94004@submonkey.net> <1131813973.52725.36.camel@localhost> <20051112172425.GU94004@submonkey.net> <20051112.103529.123972777.imp@bsdimp.com> <20051119122451.GG94004@submonkey.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--wq9mPyueHGvFACwf Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Nov 19, 2005 at 12:24:51PM +0000, Ceri Davies wrote: > On Sat, Nov 12, 2005 at 10:35:29AM -0700, M. Warner Losh wrote: > > In message: <20051112172425.GU94004@submonkey.net> > > Ceri Davies <ceri@submonkey.net> writes: > > : > > > No, just add f=3Draw to get the raw PR without markup. > > : > > > http://www.freebsd.org/cgi/query-pr.cgi?pr=3D<PR#>&f=3Draw > > : > > > ^^^^^^ > > : > >=20 > > : > > If you do that, then the address is in the PR header anyway, so w= here's > > : > > the problem? (yes, that elides the usefulness a little, but raw l= inks > > : > > are not presented on the site and are therefore less spiderable). > >=20 > > <a little off-topic text deleted> > >=20 > > Ahem. Gettback back on track... > >=20 > > I've had a couple of private suggestions sent to me. > >=20 > > The first is to create a raw-query-pr.cgi that will just serve up one > > PR in raw format with no links to this page. > >=20 > > The second is to add another parameter to query-pr that changes > > quarterly. pass=3Dbluestarts this quarter, pass=3Dyellowdiamons next, = etc > > (well, we wouldn't use the ingrediants to lucky charms as a > > password). This level of security is the same that exist on certain > > invitation only IRC channels that are out there. Someone has to tell > > you the password, and the password changes from time to time. Since > > developer mail is project confidencial, I would guess it would be > > sufficient to email the new password once a quarter. >=20 > I have another idea. Committers could add a world-readable > ~/.querypr.pass to their home directories containing a string that > authenticates them for seeing email addresses. Then we have some method > to "login" (ie, set a cookie) that lasts for a month. That method just > checks that the string in the cookie matches the string in > ~/.querypr.pass. >=20 > Anyway, I think that the general consensus is that the current code I've just done this. Any feedback on the idea floated above welcome, otherwise we'll just stick with the status quo, I guess. Ceri --=20 Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. -- Einstein (attrib.) --wq9mPyueHGvFACwf Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDkua7ocfcwTS3JF8RAgvjAJ9JFSzfp3BcPzFNt4bodz1eI6mijgCbB9hF Rg8KVHWCx58qwHMIfpei7WA= =SDhJ -----END PGP SIGNATURE----- --wq9mPyueHGvFACwf--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051204125315.GB51395>