Re: bugzilla.mozilla.org security group reorganisation proposal

2007-02-09 Thread Reed Loden
On Thu, 08 Feb 2007 10:52:39 + Gervase Markham [EMAIL PROTECTED] wrote:
> - websites-security is created to deal with websites. Initial membership is the same as webtools-security. [Products: Websites]

Please do not include webtools-security in the membership of this group.

Re: bugzilla.mozilla.org security group reorganisation proposal

2007-02-09 Thread Gervase Markham
Reed Loden wrote: The subscription list of [EMAIL PROTECTED] is probably a good start. OK, let's use that. I've asked justdave to send me a list. - update-security, renamed to addons-security, becomes used for addons issues (both the servers and the addons themselves). No change in

Re: bugzilla.mozilla.org security group reorganisation proposal

2007-01-31 Thread Gervase Markham
Reed Loden wrote: I disagree with adding AUS to the main security group. By doing that, you force the AUS developers to join the security group, which means they have to deal with all the mass of mail/bugmail that comes through for product stuff that does not affect AUS at all. Instead, I

Re: bugzilla.mozilla.org security group reorganisation proposal

2007-01-31 Thread Eddy Nigg (StartCom Ltd.)
Gervase Markham wrote:
> Can anyone else see disadvantages to having six security groups? That would basically be one per product for the non-end-user products:

Having to subscribe to at least some 3 or 4 security groups is a pain...and higher the chance to miss on important topics...Are that

Re: bugzilla.mozilla.org security group reorganisation proposal

2007-01-31 Thread Reed Loden
On Wed, 31 Jan 2007 13:39:09 +0200 Eddy Nigg (StartCom Ltd.) [EMAIL PROTECTED] wrote:
> Having to subscribe to at least some 3 or 4 security groups is a pain...and higher the chance to miss on important topics...

By security groups, we are talking about groups in our bug tracking system

Re: bugzilla.mozilla.org security group reorganisation proposal

2007-01-31 Thread Christopher Aillon
Gervase Markham wrote: Reed Loden wrote: I disagree with adding AUS to the main security group. By doing that, you force the AUS developers to join the security group, which means they have to deal with all the mass of mail/bugmail that comes through for product stuff that does not affect AUS

Re: bugzilla.mozilla.org security group reorganisation proposal

2007-01-31 Thread Reed Loden
On Wed, 31 Jan 2007 10:43:54 -0500 Christopher Aillon [EMAIL PROTECTED] wrote: Can we get a good explanation as to how people will be flooded with bugmail first? I fail to see how that is the case. Sure, if they watch the security@ alias, but not with proper component watching and mail

Re: bugzilla.mozilla.org security group reorganisation proposal

2007-01-31 Thread L. David Baron
On Wednesday 2007-01-31 10:43 -0500, Christopher Aillon wrote: Can we get a good explanation as to how people will be flooded with bugmail first? I fail to see how that is the case. Sure, if they watch the security@ alias, but not with proper component watching and mail filtering. It's

Re: bugzilla.mozilla.org security group reorganisation proposal

2007-01-31 Thread Gervase Markham
Eddy Nigg (StartCom Ltd.) wrote:
> Having to subscribe to at least some 3 or 4 security groups is a pain...and higher the chance to miss on important topics...Are that many really needed?

There seems to be some misunderstanding. These are not mailing lists one subscribes to, but groups within

Re: bugzilla.mozilla.org security group reorganisation proposal

2007-01-31 Thread Reed Loden
On Wed, 31 Jan 2007 10:03:29 -0800 L. David Baron [EMAIL PROTECTED] wrote: Agreed. You don't want too few people in one of the security groups, since that just makes it more likely that security-sensitive bugs will go unnoticed because two of the three people with access to them are on

Re: bugzilla.mozilla.org security group reorganisation proposal

2007-01-31 Thread Gervase Markham
Christopher Aillon wrote: Gervase Markham wrote: Reed Loden wrote: I disagree with adding AUS to the main security group. By doing that, you force the AUS developers to join the security group, which means they have to deal with all the mass of mail/bugmail that comes through for product stuff

Re: bugzilla.mozilla.org security group reorganisation proposal

2007-01-31 Thread Christopher Aillon
Reed Loden wrote: On Wed, 31 Jan 2007 10:43:54 -0500 Christopher Aillon [EMAIL PROTECTED] wrote: Can we get a good explanation as to how people will be flooded with bugmail first? I fail to see how that is the case. Sure, if they watch the security@ alias, but not with proper component

Re: bugzilla.mozilla.org security group reorganisation proposal

2007-01-31 Thread Reed Loden
On Wed, 31 Jan 2007 13:27:26 -0800 Dan Veditz [EMAIL PROTECTED] wrote: Gervase Markham wrote: At the moment, for example, I'm a member of webtools-security and so I get mail whenever a LXR, Mozbot, etc. security bug is filed even though I have nothing to do with those projects. Maybe

Re: bugzilla.mozilla.org security group reorganisation proposal

2007-01-31 Thread Christopher Aillon
Reed Loden wrote: Actually, a better plan might be to separate Bugzilla from the rest of the webtools, which is part of what has been proposed. Gerv is a Bugzilla hacker, but he does not deal with the other webtools. Currently, all the webtools (including Bugzilla) use webtools-security and send

bugzilla.mozilla.org security group reorganisation proposal

2007-01-30 Thread Gervase Markham
The Problem
-----------
We have various security groups in Bugzilla, which don't map too well to the groups of people doing security work.

The Plan
--------
We'd like to refactor the groups (without creating too many), as follows:
- Keep the current security group as-is, for holes in

Re: bugzilla.mozilla.org security group reorganisation proposal

2007-01-30 Thread Reed Loden
On Tue, 30 Jan 2007 16:32:26 + Gervase Markham [EMAIL PROTECTED] wrote: - Keep the current security group as-is, for holes in Mozilla products such as Firefox and Thunderbird, and adding AUS (given the overlap of interested parties) [Products: AUS, all in Client Software and