On Mon, 2008-10-13 at 23:51 -0400, Behdad Esfahbod wrote: > > On Sun, Oct 12, 2008 at 10:00:25AM -0700, Toshio Kuratomi wrote: > >> When I brought this up, Bastien Nocera brought up security bugs and not > >> wanting random people to be CC'd before a security bug is resolved. How > >> should we deal with this? > > > I think the correct way to deal with this is that watchbugzilla should not > automatically CC user to bugs for the component, but instead modify the user's > bugzilla account to watch some special address like, eg for package pango, > pango-bugs@xxxxxxxxxxxx And the product pango changed to have > pango-bugs@xxxxxxxxxxx as default assignee or Q/A contact. This way we avoid > the security problem issue, as well as those inbox-filling mass changes to > remove people from CC lists or to change default assignee of the product. > > My 0.02CAD, I'll add my €0.02, that proposal sounds well. Nils -- Nils Philippsen "Those who would give up Essential Liberty to purchase Red Hat a little Temporary Safety, deserve neither Liberty nils@xxxxxxxxxx nor Safety." -- Benjamin Franklin, 1759 PGP fingerprint: C4A8 9474 5C4C ADE3 2B8F 656D 47D8 9B65 6951 3011 -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
