Are there any security problems with Bugzilla?
The Bugzilla code has not undergone a complete security audit. It is recommended that you closely examine permissions on your Bugzilla installation, and follow the recommended security guidelines found in The Bugzilla Guide. A.6.3. I’ve implemented the security fixes mentioned in Chris Yeh’s security advisory of 5/10/2000 advising not to run MySQL as root, and am running into problems with MySQL no longer working correctly. This is a common problem, related to running out of file descriptors. Simply add “ulimit -n unlimited” to the script which starts mysqld. 7.
The Bugzilla code has undergone a reasonably complete security audit, and user-facing CGIs run under Perl’s taint mode. However, it is recommended that you closely examine permissions on your Bugzilla installation, and follow the recommended security guidelines found in The Bugzilla Guide. A.3.3. I’ve implemented the security fixes mentioned in Chris Yeh’s security advisory of 5/10/2000 advising not to run MySQL as root, and am running into problems with MySQL no longer working correctly. This is a common problem, related to running out of file descriptors. Simply add “ulimit -n unlimited” to the script which starts mysqld. 4.
The Bugzilla code has not undergone a complete security audit. It is recommended that you closely examine permissions on your Bugzilla installation, and follow the recommended security guidelines found in The Bugzilla Guide. A.6.3. I’ve implemented the security fixes mentioned in Chris Yeh’s security advisory of 5/10/2000 advising not to run MySQL as root, and am running into problems with MySQL no longer working correctly. This is a common problem, related to running out of file descriptors. Simply add “ulimit -n unlimited” to the script which starts mysqld. 7.
