(Igor jumped into the Bugzilla developers IRC channel, so that's why I heard about this thread.)
Ian said: "I'm willing to provide you with a dump of gcc's bugzilla database if you can give me the exact command to run." Sorry, but I have to object! It's not ok to give anyone a plain dump of the GCC Bugzilla database for studies or any other reason without some sanity check. The Bugzilla database contains all the user account passwords and preferences, as well as group permissions. Such a copy of the DB would give the possibility to try to crack the passwords locally, though the encryption is supposed to be very secure. This means that a local access to the DB allows one to skip throttling when someone starts typing the wrong password again and again, decreasing the time needed to crack passwords. Moreover, having access to group permissions means to be able to know who are admins and to try to abuse these accounts in GCC Bugzilla itself. This is a security breach. Bugzilla offers no special tools to generate a sanitized copy of the DB, so one shouldn't try to create a dump of the DB and spread it without a very good knowledge of Bugzilla internals. LpSolit
