During a review of a branch that pertained to the disclosure feature, William and I discovered that we really do not know what an all powerful user like an admin would see when viewing a private apport bug. We also did not know how the admin could change the bugs policy. Part of the issue is that we had decided not to change the UI where possible, but I think we really do want to change the UI for managing the disclosure of bugs and branches.
We currently have two checkboxes, Private and Security that create 4
combined states:
Public
Public Security
Private Security
Private *something else*
Note that security is like a tag (as William says) because it classifies
the primary content of the bug. We often forget this when designing who
people will manage the disclosure pages. The security policy in the new
access mechanism honours the current behaviour...we actually mean
security data that is *also* private.
We official offer the first 3 states to all projects. The
Private-something-else case is pertinent to about 300 projects in
Launchpad because we mean "proprietary". Private bugs and branches are
offered to all projects with a commercial subscription for a
*proprietary* license. The license type is not a requirement, it
illustrates the primary use case for private bugs. Proprietary
information is only private, once it is public, it has ceased to be
proprietary
We know that Ubuntu took advantage of defects in Launchpad's current
behaviour to have created an apport privacy policy. Will will continue
to support it, but it is not in described by the UI currently. We could
replace the two checkboxes with a selection overlay that describes the
choices that we intend to support:
Public
Everyone can see this bug
Public Security
Everyone can see this security related bug
Private Security
Only users in the project's security policy can see this bug
Proprietary
Only users in the project's proprietary policy can see this bug
Apport
Only users in the project's apport policy can see this bug
The privacy ribbon would clearly state that bug is private because it is
a security concern, proprietary, or being processed by apport.
We do not need to show all of these in the UI to everyone, but I expect
admins to see all of these when looking at an Ubuntu bug. Launchpad
provides the first three states to all projects. The Proprietary could
be shown only to projects we have enabled it for. Apport can only be
used by Ubuntu, though we can imaging many projects wanting a reporter
process that sanitises user bugs before they can be seen by a larger group.
We know there are hundreds of private-non-security bugs in
non-proprietary projects. We tolerate this because users make bugs
private to *protect* other users. The privacy state is also used to mean
the bug contains personal information, spam, or abuse. We will not stop
users from doing the right thing without offering a replacement feature
for this issue. We will introduce additional confusion about these
private bugs if we remove the confusion about *why* a bug is private.
This is really a separate issue, see
https://lists.launchpad.net/launchpad-dev/msg08404.html
--
Curtis Hovey
http://launchpad.net/~sinzui
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Mailing list: https://launchpad.net/~launchpad-dev Post to : launchpad-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-dev More help : https://help.launchpad.net/ListHelp
