On Wed, 2011-06-22 at 12:16 -0700, Kees Cook wrote: > Are you considering this a tristate? public/private/security, or are > you > considering it as 2 booleans? public/private and > security/non-security? > I ask because I see the "security => public" transition mention above, > and > that doesn't make sense to me. :)
Indeed I think this will operate like a tri-state, though the bools can remain in the schema. > Most security issues are public. Some aren't. Security issues must > start > their life as private so that there is no initial leak if a reporter > wishes > it to be private. Understood. I think we want public + security to be visible to everyone. Private + security is visible only to security. Private - security will be visible only to the bug supervisors, but all users in project roles will be able to see the private bug when project level permissions are available. -- __C U R T I S C. H O V E Y___________ No matter where you go...there you are. _______________________________________________ Mailing list: https://launchpad.net/~launchpad-dev Post to : launchpad-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-dev More help : https://help.launchpad.net/ListHelp
