Comment 3 for bug 631085

Jelmer Vernooij (jelmer) wrote : Re: [Bug 631085] [NEW] revid contains email address and is displayed publicly

On Sun, 2010-09-05 at 19:57 +0000, janisozaur wrote:
> *** This bug is a security vulnerability ***
>
> Private security bug reported:
>
> I'm a launchpad user and I have a project that I commit to. I use bzr as dvcs.
> Even though my privacy settings say that my email address is not disclosed to others, it may be viewed publicly when browsing my commits, as they start with my email address.
> A workaround is to set a different email address, but this disables Launchpad's ability to click on the revision author to see his/her profile.
Launchpad's links to the author's Launchpad page are not based on the
revision id but on the author email address in the committer/author
fields of the commit.

> Possible solutions that come to my mind at this time would be:
> * altering the bzr revid format (at least hashing the email address, though it is not as secure as it might seem at first glance - there is a website that displays a user's nickname and the hash of his email. A simple check of nickname@[gmail, yahoo, msn, ...].com is about 70-80% accurate. There was a link to a study on that once, but I can't find it)
We could have an option (or all commits?) to not include an email
address in any way in the revision id.

Cheers,

Jelmer
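An added illustration of the two ideas discussed in this thread, not code from bzr or Launchpad: an audit check that flags revision ids embedding an email address, and a generator for the "no email in the revid at all" option Jelmer suggests. It assumes the usual bzr-style layout `<user>-<YYYYMMDDHHMMSS>-<random>` with the committer's email as `<user>`; the sample revids are constructed.

```python
import hashlib
import re
import secrets
import time

# Assumption: bzr-style revision ids look like "<user>-<YYYYMMDDHHMMSS>-<random>",
# with <user> defaulting to the committer's e-mail address.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def revid_leaks_email(revid: str) -> bool:
    """True if the revision id contains something that looks like an e-mail address."""
    return EMAIL_RE.search(revid) is not None


def audit_revids(revids):
    """Return the revision ids that would disclose an address when shown publicly."""
    return [r for r in revids if revid_leaks_email(r)]


def _stamp(ts=None) -> str:
    return time.strftime("%Y%m%d%H%M%S", time.gmtime(time.time() if ts is None else ts))


def gen_hashed_revid(email: str, ts=None, nbytes=8) -> str:
    """The 'hash the address' variant: passes the regex audit, but the prefix is a
    stable pseudonym (same email -> same prefix), so commits stay linkable and the
    prefix can be checked against guessed addresses, as the report points out."""
    prefix = hashlib.sha256(email.encode()).hexdigest()[:16]
    return f"{prefix}-{_stamp(ts)}-{secrets.token_hex(nbytes)}"


def gen_private_revid(ts=None, nbytes=8) -> str:
    """The 'no address in any way' variant: timestamp plus random token only.
    Uniqueness comes from the random token, not from who committed."""
    return f"anon-{_stamp(ts)}-{secrets.token_hex(nbytes)}"


# Constructed sample history: one default-style revid, one hashed, one private.
SAMPLE_REVIDS = [
    "alice@example.org-20100905195700-1a2b3c4d5e6f7a8b",
    gen_hashed_revid("alice@example.org", ts=1283716620),
    gen_private_revid(ts=1283716620),
]

if __name__ == "__main__":
    for r in SAMPLE_REVIDS:
        print(("LEAKS   " if revid_leaks_email(r) else "ok      ") + r)
```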