Hi! I think the way security/private issues are implemented now in bugs DB is wrong. It allows only access to a handful of people, and many package maintainers and people that know the code in question are excluded. This makes promptly handling bugs very hard. I propose one of:
1. Adding a lot more people to trusted list 2. Implementing functionality allowing to add people to private bug on per-bug basis. As a stepping stone for (2) I think we should always allow access to the person the bug is assigned to. If I hear no objections, I'll implement it first (the full fix probably requires DB access which I don't have). Thoughts? -- Stas Malyshev smalys...@gmail.com -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
