•  
      epic #8430 Lightweight artifact update by email
    Summary
    Lightweight artifact update by email
    Empty

    Overview

    Actions done by email (creation/update) are, by design, unsecure as there is no guarranty that sender can be spoofed. The only possibility to make it secure is to GPG sign a message.

    This feature will requires:

    • One configuration option at site admin to activate or not the feature (disabled and marked as unsecured by default)
    • On configuration option at tracker admin level to activate or not the feature (some trackers my not be as sensitive as other)
    • Identify/mark/taint artifacts created this way in case of future audit (email headers should be stored)
      • only siteadmin can see those information
    Progress
    Empty
    Empty
    Closed
    Details
    #8430
    Manuel Vacelet (vaceletm)
    2018-07-17 11:00
    2015-09-21 10:41
    Attachments
    Empty
    References

    Follow-ups

    User avatar
    • Description
      Something went wrong, the follow up content couldn't be loaded
      Only formatting have been changed, you should switch to markup to see the changes
    • links