Re: Bug vandalism on sourceware.org bug tracker.

[Adhemerval Zanella <adhemerval dot zanella at linaro dot org>]

On 17/05/2016 03:23, Carlos O'Donell wrote:
> Andreas, Joseph, and Florian, I have granted all three of
> you emergency 'set editbugs' bugzilla permissions. If we
> get consensus on the process below I think we might just
> grant this to everyone.
> 
> As some of you may know or have seen, we recently had some 
> vandalism on the sourceware.org bug tracker [1]. 
> 
> The vandalism has been undone, but the consequence is that
> future new users will not have 'editbugs' capabilities.
> 
> New users will be able to create bugs, and comment on
> existing bugs but will not be able to change fields like
> version, component, etc. 
> 
> Bugzilla admins (Roland and myself) will be able to set
> 'editbugs' for new users that request this.
> 
> Vandalism at the comment level can be removed with Tag:spam
> tagging. Vandalism at the bug level should be even easier to 
> cleanup. It's the vandalism that changes important data that
> was costly this time around. We had 91 issues that were 
> messed up and needed cleaning.
> 
> I am considering the somewhat unorthodox self-organizing
> concept where we allow users to vouch for other users and
> grant them 'editbugs' in a similar strategy to the one we
> are using in the wiki. That would leave us with no single
> point of failure in an admin. In the meantime I may reach
> out to some of you and give you immediate emergency 
> 'set editbugs' powers. This means you have the ability
> to set 'editbugs' for all users. It isn't exactly a
> self-organizing process because a bugzilla admin is still
> required to grant the original 'set editbugs' power,
> but it should be relatively easy to automatically grant
> that power to all users who have 'editbugs' (more
> automation).
> 
> Thoughts?
> 

Which is the correct way now to get editbug capabilities now
without an email account from the whitelist domain? Asking
for someone voucher?