[RFE] Auto-approve watchcommits and watchbugzilla in Pkgdb
Daniel P. Berrange
berrange at redhat.com
Mon Jul 6 18:27:28 UTC 2009
On Mon, Jul 06, 2009 at 02:14:27PM -0400, Tom Lane wrote:
> Peter Lemenkov <lemenkov at gmail.com> writes:
> > Why we should approve manually requests to watching bugzilla and cvs
> > changes for packages? I'm sure we need to change policy in order to
> > automatically approve all such requests.
>
> Isn't there a security issue there? I'm not sure I want any random
> person watching every bz or commit I make.
Anyone with a BZ account can already watch every BZ you have
Preferences -> Email Preferences -> Add users to my watch list
pkgdb just makes it more fine grained, so you can watch individual
components instead of having to find the owner and watch everything
they own
NB, the email watches don't allow them to snoop on bugs with restricted
group visibility, so they shouldn't be able to see bugs restrict to the
'Security Sensitive Bug' group IIUC.
Regards,
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
More information about the fedora-devel-list
mailing list