On 03/04/15 17:52, Monty Taylor wrote:
Could do better: ACLs for Vulnerability management
>>--------------------------------------------------
<snip>
>
>I'd love to learn how wikimedia is working with this.
http://www.mediawiki.org/wiki/Phabricator/Security
tl;dr They have added a security dropdown to task filing that triggers
some policy actions. I betcha we could copy theirs.
Hello,
At Wikimedia we definitely had the requirement of having internal bugs,
we have two kinds of them:
* security vulnerability that will eventually be disclosed / made public
* private / sensitive information we want to keep in (contracts,
personal informations etc)
We ended up writing our own extension which is in our Gerrit as
phabricator/extensions/security.git the README:
http://git.wikimedia.org/blob/phabricator%2Fextensions%2Fsecurity.git/master/README
The wiki page you found is appropriate.
The main author is Mukunda Modell or twentyafterfour on IRC. I am not
sure how much available spare time he has though.
--
Antoine "hashar" Musso
_______________________________________________
OpenStack-Infra mailing list
OpenStack-Infra@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra