This is the mail archive of the
mailing list for the glibc project.
Re: Bug vandalism on sourceware.org bug tracker.
- From: Adhemerval Zanella <adhemerval dot zanella at linaro dot org>
- To: libc-alpha at sourceware dot org
- Date: Mon, 30 May 2016 09:50:54 -0300
- Subject: Re: Bug vandalism on sourceware.org bug tracker.
- Authentication-results: sourceware.org; auth=none
- References: <573AB8DD dot 1030203 at redhat dot com>
On 17/05/2016 03:23, Carlos O'Donell wrote:
> Andreas, Joseph, and Florian, I have granted all three of
> you emergency 'set editbugs' bugzilla permissions. If we
> get consensus on the process below I think we might just
> grant this to everyone.
> As some of you may know or have seen, we recently had some
> vandalism on the sourceware.org bug tracker .
> The vandalism has been undone, but the consequence is that
> future new users will not have 'editbugs' capabilities.
> New users will be able to create bugs, and comment on
> existing bugs but will not be able to change fields like
> version, component, etc.
> Bugzilla admins (Roland and myself) will be able to set
> 'editbugs' for new users that request this.
> Vandalism at the comment level can be removed with Tag:spam
> tagging. Vandalism at the bug level should be even easier to
> cleanup. It's the vandalism that changes important data that
> was costly this time around. We had 91 issues that were
> messed up and needed cleaning.
> I am considering the somewhat unorthodox self-organizing
> concept where we allow users to vouch for other users and
> grant them 'editbugs' in a similar strategy to the one we
> are using in the wiki. That would leave us with no single
> point of failure in an admin. In the meantime I may reach
> out to some of you and give you immediate emergency
> 'set editbugs' powers. This means you have the ability
> to set 'editbugs' for all users. It isn't exactly a
> self-organizing process because a bugzilla admin is still
> required to grant the original 'set editbugs' power,
> but it should be relatively easy to automatically grant
> that power to all users who have 'editbugs' (more
Which is the correct way now to get editbug capabilities now
without an email account from the whitelist domain? Asking
for someone voucher?