Closed Bug 284640 Opened 20 years ago Closed 14 years ago

RFE: Security: insidergroup issue - need two insidergroup types

Categories

(Bugzilla :: User Interface, enhancement)

Product:
Bugzilla
Component:
User Interface
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 545176

People

(Reporter: kbenton, Unassigned)

Details

Administrators are currently unable to create two different kinds of
insidergroups - one that can only set (not clear) privacy flags for comments
they personally made, and a second that can set/update all privacy flags on all
comments for bugs in their respective groups.

With my third party gateway, it is important that all company employees and
third parties can set privacy flags on the comments they're making limiting who
can see those comments.  The problem is - at this point, any person with direct
access to Bugzilla at my company can clear one of those flags because I need to
be able to give them all the ability to set the privacy flags.  As a result, I
need to be able to restrict those who can change privacy flags on comments to
management.  That way, if an employee becomes disgruntled wanting to do damage,
they aren't able to use Bugzilla as a tool to disclose intellectual property /
trade secrets to third parties.
note that anyone who plans to be disgruntled could save the information for a
rainy day; have you scanned your logs lately? :)
Timeless - that's not the point of the request.  I can't keep people from
intentionally doing bad things, but I sure as heck can make it more difficult
for them to use Bugzilla to do it. :)
Severity: major → enhancement
Assignee: myk → ui
Explicitly adding people to such a group is probably overkill. Bug 545176 is a preferred solution, IMO.
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.