[webkit-dev] rolling out a buggy security patch

Gustavo Noronha Silva gns at gnome.org
Mon Mar 18 05:55:11 PDT 2013


On Ter, 2013-03-12 at 02:26 -0700, Maciej Stachowiak wrote:

> I am still curious who has access to the commit bot's bugzilla
> account. Is a small set of known people, is it a large set, is the
> password sitting around somewhere that others may get at it? I do not
> recall this being answered at the time, or perhaps I have forgotten.
> 
> 
> If the set with access is a small set of known people who are willing
> to be identified and be in the security group themselves (or already
> are), then I am personally fine with it.

I'm a bit late to the party but in my case, the EWS bots I maintain
(kov-gtk-ews and kov-ec2-gtk-ews) both have mail accounts to which only
I have access.

I used to run them using my GNOME email address, which meant they had
access to security bugs and processed security patches (since I have
access), but I decided to split them to a different account since
filtering of bugzilla mails that mattered to me was getting quite
complicated.

Cheers,

-- 
Gustavo Noronha Silva <gns at gnome.org>
GNOME Project



More information about the webkit-dev mailing list