[rt-users] Removing content from client messages

[Carl, Roger]

We would like to be able to clean up what is in a ticket too.  I understand
that allowing someone to pull up a section of the comments would probably be
technically difficult and would raise security questions.  It would also
make the RT 'master' copy different than what has been transmitted through
email.  You could mitigate some of those issues by keeping versions of each
comment section and restricting who has the ability to invoke an 'edit'.

-----Original Message-----
From: Anne Wilson [mailto:anne at unidata.ucar.edu] 
Sent: Tuesday, December 14, 2004 7:46 PM
To: Rick Rezinas
Cc: rt-users at lists.bestpractical.com
Subject: Re: [rt-users] Removing content from client messages

Yeah, we can't do it before the ticket receiver sees it because that 
person needs the info for support purposes and also to identify any 
sensitive strings.

I guess what would be ideal would be if, once someone owns a ticket, 
after any further email from that client RT would somehow query the user 
to invoke the "sanitize" function.  (This is assuming no one would send 
us sensitive info in an initial contact.)  So, after each subsequent 
exchange with a client RT would ask "Sanitize?" and if the user said yes 
it would query for a string and sanitize it in the db.
Any idea how hard would it be to add such a hook to RT? (assuming we 
write the actual sanitizing code).

Anne



Rick Rezinas wrote:
> you can probably  in the mailgate script, unless you want the sensitive
> information visible to the person who receives the ticket initially but
> do not want it stored in the database, in which case you'll need to
> delve deeper.
> 
> On Tue, 2004-12-14 at 16:22, Anne Wilson wrote:
> 
>>Thanks Todd,
>>
>>Yes, looks like it'll have to be through accessing the db directly.  We 
>>don't want to delete messages entirely because we want the history.
>>
>>As I mentioned to Jason D., I think we'd have to write a tool that takes 
>>as input the string we want to sanitize.  The tricky part would be 
>>remembering to do that at the right time.  Would that be a function we 
>>could call from a scrip?  Or, would we have to get deeper into the code 
>>to call such a function at the "right time" from RT?
>>
>>Anne
>>
>>
>>

-- 
***************************************************
Anne Wilson			UCAR Unidata Program		
anne at unidata.ucar.edu		       P.O. Box 3000
               			  Boulder, CO  80307
----------------------------------------------------
Unidata WWW server       http://my.unidata.ucar.edu/
****************************************************

_______________________________________________
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Be sure to check out the RT wiki at http://wiki.bestpractical.com


------------ PGI  Internet E-mail Confidentiality ------------ Please note:
This message may contain information which is privileged and confidential.
If you are not the intended recipient, you are hereby notified that any
dissemination, distribution or copying of this communication is strictly
prohibited. If you believe you have received this message in error, please
forward to Postmaster at pginw.com. 

------------ Confidencialidad de Correo Electronico de PGI ------------
Nota: Este mensaje puede contener informacion privilegiada y confidencial.
Si usted no es el destinatario, esta notificado que cualquier diseminacion,
distribucion o copia de esta comunicacion esta estrictamente prohibida. Si
usted cree que ha recibido este mensaje por error, por favor reenvielo a
Postmaster at pginw.com. (Informacion intencionalmente sin acentos) 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20041215/0e3ce2b0/attachment.htm>