[rt-users] editing tickets (comments and replies) - I know the answer, but dont understand why...
Ruslan Zakirov
ruslan.zakirov at gmail.com
Mon Jan 2 17:05:47 EST 2006
It's easy to implement "edit record" button, but it's hard to make
things around this button.
Consider situation: you add reply "it'll cost you 1000$" with misstake
(there should be 10000$). you submit message, see error and this
button. What are you doing? Click and change? Can you? Would RT notify
about change? What would be in notification? Do you want to think
about notifications at all?
Now, you don't need to think about all this. You just press reply
again and write something like "I'm terribly sorry, I've done
misstake. Price is 10000$." No one automated diff algorithm generate
that for you.
On 1/3/06, Scott Courtney <scott at 4th.com> wrote:
> On Monday 02 January 2006 12:25, Duncan Shannon wrote:
> > Does the Average RT user need the system to have the same level of
> > integrity and inability to change info to the level of an accounting
> > system? I'd be suprosed if the integrity of the data was that
> > importiant to most of the RT crowd. Anyone?
>
> I use RT in a corporate setting and also in a nonprofit org setting. In
> the former case, we care about the auditability internally. In the latter
> case, not at all.
>
> I'm puzzled by the notion that disallowing even an RT sysadmin to delete
> or alter content is perceived as somehow providing a level of legal
> chain of evidence. All of RT's data is stored in a relational database,
> so anyone who has INSERT, DELETE, or UPDATE access on the tables can
> already munge the data anyway they want. The source code and schema are
> published information, so it's not even security-through-obscurity. We
> place trust in our sysadmins not to touch the data, but at many sites the RT
> admin also has DBA privileges on the back-end database.
>
> IANAL, but I would be *very* surprised if RT's lack of a "friendly" delete/
> alter feature would make RT hold up in court as an unalterable audit trail.
> All the opposing lawyer would have to do is point out how easily the data
> could be modified in direct SQL, and that would finish that argument. Just
> because it requires technical knowledge to alter the data doesn't mean a
> court would believe it to be impossible. You can still put the sysadmin on
> the witness stand and ask, under oath, "Did you alter the data?" That tactic
> doesn't rely on RT somehow providing a false sense of non-alterability.
>
> The only really good mechanisms to achieve nonrepudiation of transactions rely
> on public key cryptography to digitally sign the transaction. AFAIK, RT doesn't
> have that capability right now -- and even if it did, the courts are still not
> settled on just how heavily to weigh evidence that is digitally signed.
>
> My opinion, therefore, is that an option to alter or delete should be available
> as a high-level privilege, by default available only to superusers but able
> to be delegated to others like any other permission. If a site doesn't want
> people deleting things, then they should leave this permission available only
> to the superuser and then not hand out the superuser privilege.
>
> For those subject to spammers creating tickets and userids in RT, the ability
> to truly purge that junk rather than just making it invisible would be an
> incredibly useful feature.
>
> Scott
>
> --
> ------------------------------------------------------------------------------
> Scott Courtney | "I don't mind Microsoft making money. I mind them
> scott at 4th.com | having a bad operating system." -- Linus Torvalds
> http://4th.com/ | ("The Rebel Code," NY Times, 21 February 1999)
> | PGP Public Key at http://4th.com/keys/scott.pubkey
> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Be sure to check out the RT Wiki at http://wiki.bestpractical.com
>
> Download a free sample chapter of RT Essentials from O'Reilly Media at http://rtbook.bestpractical.com
>
> WE'RE COMING TO YOUR TOWN SOON - RT Training in Amsterdam, Boston and
> San Francisco - Find out more at http://bestpractical.com/services/training.html
>
--
Best regards, Ruslan.
More information about the rt-users
mailing list