Closed Bug 576166 Opened 15 years ago Closed 12 years ago

Bounty and bounty-faq pages seem to conflict on alphas and nightlies

Categories

(www.mozilla.org :: General, defect)

Product:
www.mozilla.org
Component:
General
Type:
defect
Priority:
Not set
Severity:
minor

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: jruderman, Assigned: abillings)

Details

http://www.mozilla.org/security/bug-bounty.html "Security bug is present in the most recent supported, beta or release candidate version..." http://www.mozilla.org/security/bug-bounty-faq.html "CAN I GET THE BUG BOUNTY REWARD IF I DISCOVER A BUG IN AN ALPHA OR BETA RELEASE OR A NIGHTLY BUILD...? Yes, as long as the bug otherwise meets the published bug bounty program guidelines. (In particular, the bug must be reproducible in the latest nightly build and not previously reported.)"
We discussed this earlier and per meeting the FAQ clarifies the bug policy. Its fine for it to provide more details than the main policy. WFM
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → WORKSFORME
This seems more like a contradiction than a clarification. It's really confusing people, with bad effects: http://www.backtype.com/url/www.reddit.com%252fuser%252fmikemike/comment/00006bbad0001f33b79896da23a0d12d
Status: RESOLVED → REOPENED
Resolution: WORKSFORME → ---
Closing old Mozilla.org website bugs due to them not being relevant to the new Python-based Bedrock system. Re-open if this is a critical bug and should be resolved on the new system too.
Status: REOPENED → RESOLVED
Closed: 15 years ago13 years ago
Resolution: --- → WONTFIX
This is a problem with the content, not a bug in the "old system".
Status: RESOLVED → REOPENED
Resolution: WONTFIX → ---
Content lives here: http://viewvc.svn.mozilla.org/vc/projects/mozilla.org/trunk/security/bug-bounty.html?view=markup Can't this content be on the wiki instead of Mozilla.org? The Mozilla.org site should be for promotional content for our products and less about a place for content to live. This content existed on the deprecated PHP code-base that needs to be converted over to the Python templates or moved to another location on Mozilla's websites or wikis.
If it's on a wiki, what stops someone from upping the bounty to $100,000 just before they report a bug? ;)
(In reply to Jesse Ruderman from comment #7) > If it's on a wiki, what stops someone from upping the bounty to $100,000 > just before they report a bug? ;) hehe :) There is lot of important information we put on the wiki and that's what revision history is for, but you do have a valid point. It looks like dveditz does most of the commits to SVN in the security section and he could also make the content changes you request. is that something you can work with Dan on?
In the old mozilla.org working group, we always had that stance that official policy documents (like the bounty program one) belong on mozilla.org instead of the wiki because that gives them an "official" meaning and even if there's ways to restrict edits on a wiki, it's not transparent to readers that it's not a "anyone can edit anything in" page if it's on wiki.m.o.
(In reply to Robert Kaiser (:kairo@mozilla.com) from comment #9) > In the old mozilla.org working group, we always had that stance that > official policy documents (like the bounty program one) belong on > mozilla.org instead of the wiki because that gives them an "official" > meaning and even if there's ways to restrict edits on a wiki, it's not > transparent to readers that it's not a "anyone can edit anything in" page if > it's on wiki.m.o. The working group is the Websites team plus some other stakeholders. The only issue is that Mozilla.org is 3 servers put together with a lot Apache magic/redirects to make it work as one site for the short term. All of the security content and a lot of other pages are on the legacy PHP code and server that is deprecated. Python is the standard language now and we are doing everything with the Django web framework. This content needs to either be converted over to Django templates or moved to another server (sub-domain or wiki).
Component: www.mozilla.org → General
Product: Websites → www.mozilla.org
Assignee: nobody → abillings
OS: Mac OS X → All
Hardware: x86 → All
I think this was addressed in the last updates I did.
Status: REOPENED → RESOLVED
Closed: 13 years ago12 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.