On 8/22/2012 7:12 PM, Al Billings wrote:
On 8/22/12 3:23 PM, Justin Lebar wrote:
It seems like I can't push my security bug to tryserver until after I
get approval, since that would have the same problem as landing on
m-c.
This is currently a problem since the proposal codifies a way of dealing
with our current issue, which is accidental exposure. In other words, we
already run the risk of exposure by pushing to tryserver, whether this
new policy is adopted or not (just as we do when people check into
mozilla-central with a security bug at a bad time in the cycle).
Al
Time for an ldap-protected Try-sg or something?
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
