Whenever I am logged into bugzilla I have access to security bugs. It should be possible to leave a bugzilla account logged in and only require 2FA to temporarily elevate privilege to access security bugs. It would be similarly useful if it were possible to create low privilege bugzilla API keys that can't access security bugs.
Assignee: general → nobody
Component: Bugzilla-General → General
Product: Bugzilla → bugzilla.mozilla.org
QA Contact: default-qa
Version: unspecified → Production
You need to log in before you can comment on or make changes to this bug.