Closed
Bug 769152
Opened 12 years ago
Closed 12 years ago
"Web Apps" product security group should not be webtools-security
Categories
(bugzilla.mozilla.org :: Administration, task)
Tracking
()
RESOLVED
FIXED
People
(Reporter: dveditz, Assigned: dkl)
Details
Currently webtools-security seems to be the only secure group for the product Web Apps, and it's definitely the default group for newly filed security bugs. webtools is the wrong category of things for this product. I'm a bit torn on whether this should be core-security or client-services-security. "core-security" was my first thought because the app mechanism is going to be built into our clients, but the most core-ish bits, the "Desktop Runtime" component, got moved into the Firefox bugzilla product. Looking at the remaining components "client-services-security" seems like a reasonably good fit: there are both app package and server aspects to this product. Might want to get buy-in from the people working on the product first, though. CC'ing Lucas and Ragavan.
Assignee | ||
Comment 1•12 years ago
|
||
This will require some minor code changes to do this which I am happy to do once we get approval from Lucas and Ragavan. So sooner the better so we can get it into next weeks code push to production. dkl
Comment 2•12 years ago
|
||
Makes sense to me. I'd go with Dan's recommendation.
Assignee | ||
Comment 3•12 years ago
|
||
With Lucas' approval, should we go ahead with this then? dkl
Comment 4•12 years ago
|
||
Lack of dissent implies consent. :)
Assignee | ||
Updated•12 years ago
|
Assignee: nobody → dkl
Status: NEW → ASSIGNED
Assignee | ||
Comment 5•12 years ago
|
||
This will go into effect after this weeks code push. Committing to: bzr+ssh://dlawrence%40mozilla.com@bzr.mozilla.org/bmo/4.0 modified extensions/BMO/lib/Data.pm Committed revision 8236. Committing to: bzr+ssh://dlawrence%40mozilla.com@bzr.mozilla.org/bmo/4.2 modified extensions/BMO/lib/Data.pm Committed revision 8239. dkl
Assignee | ||
Updated•12 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 6•12 years ago
|
||
I edited the product to add the client-services-security group as "Shown/NA" -- not sure what happens if the default security bugs are filed into a group that isn't accessible on the product (maybe just means the group can't be removed?). Oddly the product has the webtools-security group set to Default/NA which I haven't run across in BMO, but seems to make it so that when someone in the webtools-security group (such as myself) files a new bug it automatically ends up as a hidden bug. I don't know who created the product so I don't know if it's set that way by mistake or if there's a deeper meaning to it. I left it alone because I expect to remove that group from the product entirely after the code from comment 5 goes live.
Comment 7•12 years ago
|
||
(In reply to Daniel Veditz [:dveditz] from comment #6) > I edited the product to add the client-services-security group as "Shown/NA" > -- not sure what happens if the default security bugs are filed into a group > that isn't accessible on the product (maybe just means the group can't be > removed?). > > Oddly the product has the webtools-security group set to Default/NA which I > haven't run across in BMO, but seems to make it so that when someone in the > webtools-security group (such as myself) files a new bug it automatically > ends up as a hidden bug. I don't know who created the product so I don't > know if it's set that way by mistake or if there's a deeper meaning to it. I > left it alone because I expect to remove that group from the product > entirely after the code from comment 5 goes live. It went live last night. You're clear to remove both core-security and webtools-security.
You need to log in
before you can comment on or make changes to this bug.
Description
•