This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: Bug vandalism on sourceware.org bug tracker.
- From: Adhemerval Zanella <adhemerval dot zanella at linaro dot org>
- To: libc-alpha at sourceware dot org
- Date: Mon, 30 May 2016 09:50:54 -0300
- Subject: Re: Bug vandalism on sourceware.org bug tracker.
- Authentication-results: sourceware.org; auth=none
- References: <573AB8DD dot 1030203 at redhat dot com>
On 17/05/2016 03:23, Carlos O'Donell wrote:
> Andreas, Joseph, and Florian, I have granted all three of
> you emergency 'set editbugs' bugzilla permissions. If we
> get consensus on the process below I think we might just
> grant this to everyone.
>
> As some of you may know or have seen, we recently had some
> vandalism on the sourceware.org bug tracker [1].
>
> The vandalism has been undone, but the consequence is that
> future new users will not have 'editbugs' capabilities.
>
> New users will be able to create bugs, and comment on
> existing bugs but will not be able to change fields like
> version, component, etc.
>
> Bugzilla admins (Roland and myself) will be able to set
> 'editbugs' for new users that request this.
>
> Vandalism at the comment level can be removed with Tag:spam
> tagging. Vandalism at the bug level should be even easier to
> cleanup. It's the vandalism that changes important data that
> was costly this time around. We had 91 issues that were
> messed up and needed cleaning.
>
> I am considering the somewhat unorthodox self-organizing
> concept where we allow users to vouch for other users and
> grant them 'editbugs' in a similar strategy to the one we
> are using in the wiki. That would leave us with no single
> point of failure in an admin. In the meantime I may reach
> out to some of you and give you immediate emergency
> 'set editbugs' powers. This means you have the ability
> to set 'editbugs' for all users. It isn't exactly a
> self-organizing process because a bugzilla admin is still
> required to grant the original 'set editbugs' power,
> but it should be relatively easy to automatically grant
> that power to all users who have 'editbugs' (more
> automation).
>
> Thoughts?
>
Which is the correct way now to get editbug capabilities now
without an email account from the whitelist domain? Asking
for someone voucher?