Comment 7 for bug 61909
Revision history for this message
| Martin Pitt (pitti) wrote Re: [Bug 61909] Re: Security subscription should be implicit | #7 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
HI,
Matt Zimmerman [2007-01-08 16:26 -0000]:
> On Fri, Jan 05, 2007 at 12:48:50PM -0000, Christian Reis wrote:
> > How would this work? Currently, if the bug is private, then the
> > subscribers are always explicit. Are you suggesting to change that rule
> > to be: if the bug is private but it is security-related then implicitly
> > subscribe (and give access to) the related security contact?
>
> Given that security is the primary use case for private bugs, this exception
> seems worthy of consideration.
Indeed I have the feeling that the number of unjustified
security/private bugs went down a bit, but there are still enough to
be a (minor) annoyance.
What about if the 'security' flag simply entails an implicit
subscription to the product's security contact, independently of
privacy? Then unsubscription would be an one-step procedure, and the
simple rule only involves one flag and is easy to understand. This
would make it impossible for the security team to stop getting mail
for a particular security bug they are not interested in, but this
seems like a corner case to me. I certainly don't mind being informed
about universe security issue progress even though I mostly do not
work on them. Kees, what about you?
Pitti