Date: Sun, 4 Dec 2005 12:53:16 +0000 From: Ceri Davies <ceri@submonkey.net> To: "M. Warner Losh" <imp@bsdimp.com>, pav@FreeBSD.org, cvs-all@FreeBSD.org, doc-committers@FreeBSD.org, cvs-doc@FreeBSD.org Subject: Re: cvs commit: www/en/cgi Makefile query-pr.cgi querypr-code.cgi Message-ID: <20051204125315.GB51395@submonkey.net> In-Reply-To: <20051119122451.GG94004@submonkey.net> References: <20051112141152.GT94004@submonkey.net> <1131813973.52725.36.camel@localhost> <20051112172425.GU94004@submonkey.net> <20051112.103529.123972777.imp@bsdimp.com> <20051119122451.GG94004@submonkey.net>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Sat, Nov 19, 2005 at 12:24:51PM +0000, Ceri Davies wrote: > On Sat, Nov 12, 2005 at 10:35:29AM -0700, M. Warner Losh wrote: > > In message: <20051112172425.GU94004@submonkey.net> > > Ceri Davies <ceri@submonkey.net> writes: > > : > > > No, just add f=raw to get the raw PR without markup. > > : > > > http://www.freebsd.org/cgi/query-pr.cgi?pr=<PR#>&f=raw > > : > > > ^^^^^^ > > : > > > > : > > If you do that, then the address is in the PR header anyway, so where's > > : > > the problem? (yes, that elides the usefulness a little, but raw links > > : > > are not presented on the site and are therefore less spiderable). > > > > <a little off-topic text deleted> > > > > Ahem. Gettback back on track... > > > > I've had a couple of private suggestions sent to me. > > > > The first is to create a raw-query-pr.cgi that will just serve up one > > PR in raw format with no links to this page. > > > > The second is to add another parameter to query-pr that changes > > quarterly. pass=bluestarts this quarter, pass=yellowdiamons next, etc > > (well, we wouldn't use the ingrediants to lucky charms as a > > password). This level of security is the same that exist on certain > > invitation only IRC channels that are out there. Someone has to tell > > you the password, and the password changes from time to time. Since > > developer mail is project confidencial, I would guess it would be > > sufficient to email the new password once a quarter. > > I have another idea. Committers could add a world-readable > ~/.querypr.pass to their home directories containing a string that > authenticates them for seeing email addresses. Then we have some method > to "login" (ie, set a cookie) that lasts for a month. That method just > checks that the string in the cookie matches the string in > ~/.querypr.pass. > > Anyway, I think that the general consensus is that the current code I've just done this. Any feedback on the idea floated above welcome, otherwise we'll just stick with the status quo, I guess. Ceri -- Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. -- Einstein (attrib.) [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDkua7ocfcwTS3JF8RAgvjAJ9JFSzfp3BcPzFNt4bodz1eI6mijgCbB9hF Rg8KVHWCx58qwHMIfpei7WA= =SDhJ -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051204125315.GB51395>