Re: Early December Commitfest app release
Magnus Hagander <magnus@hagander.net>
From: Magnus Hagander <magnus@hagander.net>
To: Jelte Fennema-Nio <me@jeltef.nl>
Cc: Jacob Champion <jacob.champion@enterprisedb.com>, PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2025-11-15T18:11:33Z
Lists: pgsql-hackers
On Sat, Nov 15, 2025, 17:36 Jelte Fennema-Nio <me@jeltef.nl> wrote: > On Sat, Nov 15, 2025, 07:05 Magnus Hagander <magnus@hagander.net> wrote: > >> Yes, IIRC we had security complaints about people being able to enumerate >> all users without being logged in. Since it's not just users who submitted >> any data, it was enough to just having clicked a link once... >> > > I think the "without being logged in" is a pretty tiny hurdle for anyone > interested in this data. It's trivial to create one. IMO pretending that > locking it down behind a login improves security/privacy is actively > unhelpful to anyone worried about that. And at the same time it breaks the > experience for non-logged in users, without letting them know that they > should log in. > Agreed in principle, but it does make it a lot easier for scrapers. And I think that was the main concern at the time (it's been a while so my memory could be off on the details of course). I'm kinda curious who's actually worried about that data being public > though. It's only names and usernames. > Again with the bad memory, but could it be that it at one point included emails, and we have independently changed that? > > If it was restricted to only show those that had actually submitted into >> it would've probably been considered OK - but at the time it was not >> considered to be worth the effort to split those up. >> > > I might just go and do that. > I think that would remove the whole argument so yeah if that ends up not being too hard it's probably the easiest way out. /Magnus