On Mon, Jul 06, 2009 at 02:14:27PM -0400, Tom Lane wrote: > Peter Lemenkov <lemenkov@xxxxxxxxx> writes: > > Why we should approve manually requests to watching bugzilla and cvs > > changes for packages? I'm sure we need to change policy in order to > > automatically approve all such requests. > > Isn't there a security issue there? I'm not sure I want any random > person watching every bz or commit I make. Anyone with a BZ account can already watch every BZ you have Preferences -> Email Preferences -> Add users to my watch list pkgdb just makes it more fine grained, so you can watch individual components instead of having to find the owner and watch everything they own NB, the email watches don't allow them to snoop on bugs with restricted group visibility, so they shouldn't be able to see bugs restrict to the 'Security Sensitive Bug' group IIUC. Regards, Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
