Re: [Mesa-dev] Proposal: allow hidden security bugs on Mesa's Bugzilla

2012-12-01 Thread Benoit Jacob
On 12-11-30 06:46 PM, Brian Paul wrote: On 11/30/2012 01:16 PM, Benoit Jacob wrote: On 12-11-30 12:13 PM, Jerome Glisse wrote: On Fri, Nov 30, 2012 at 7:43 AM, Benoit Jacobbja...@mozilla.com wrote: On 12-11-23 02:21 PM, Benoit Jacob wrote: On 12-11-21 12:48 PM, Chad Versace wrote: On

Re: [Mesa-dev] Proposal: allow hidden security bugs on Mesa's Bugzilla

2012-12-01 Thread Brian Paul
On 11/30/2012 01:16 PM, Benoit Jacob wrote: On 12-11-30 12:13 PM, Jerome Glisse wrote: On Fri, Nov 30, 2012 at 7:43 AM, Benoit Jacobbja...@mozilla.com wrote: On 12-11-23 02:21 PM, Benoit Jacob wrote: On 12-11-21 12:48 PM, Chad Versace wrote: On 11/20/2012 09:29 AM, Benoit Jacob wrote: Any

Re: [Mesa-dev] Proposal: allow hidden security bugs on Mesa's Bugzilla

2012-11-30 Thread Benoit Jacob
On 12-11-23 02:21 PM, Benoit Jacob wrote: On 12-11-21 12:48 PM, Chad Versace wrote: On 11/20/2012 09:29 AM, Benoit Jacob wrote: Any questions? Do you support or oppose me asking FD.o admins to allow hidden bugs on Mesa's bugzilla? Benoit I support this. It seems a sensible proposal for

Re: [Mesa-dev] Proposal: allow hidden security bugs on Mesa's Bugzilla

2012-11-30 Thread Marek Olšák
I can see that the security test bug is assigned to mesa-dev by default, so all comments go to the mailing list. I don't thínk that's desirable. Marek On Fri, Nov 30, 2012 at 1:43 PM, Benoit Jacob bja...@mozilla.com wrote: On 12-11-23 02:21 PM, Benoit Jacob wrote: On 12-11-21 12:48 PM, Chad

Re: [Mesa-dev] Proposal: allow hidden security bugs on Mesa's Bugzilla

2012-11-30 Thread Benoit Jacob
Aaargh On 12-11-30 07:55 AM, Marek Olšák wrote: I can see that the security test bug is assigned to mesa-dev by default, so all comments go to the mailing list. I don't thínk that's desirable. Marek On Fri, Nov 30, 2012 at 1:43 PM, Benoit Jacob bja...@mozilla.com wrote: On

Re: [Mesa-dev] Proposal: allow hidden security bugs on Mesa's Bugzilla

2012-11-30 Thread Jerome Glisse
On Fri, Nov 30, 2012 at 7:43 AM, Benoit Jacob bja...@mozilla.com wrote: On 12-11-23 02:21 PM, Benoit Jacob wrote: On 12-11-21 12:48 PM, Chad Versace wrote: On 11/20/2012 09:29 AM, Benoit Jacob wrote: Any questions? Do you support or oppose me asking FD.o admins to allow hidden bugs on

Re: [Mesa-dev] Proposal: allow hidden security bugs on Mesa's Bugzilla

2012-11-30 Thread Benoit Jacob
On 12-11-30 12:13 PM, Jerome Glisse wrote: On Fri, Nov 30, 2012 at 7:43 AM, Benoit Jacob bja...@mozilla.com wrote: On 12-11-23 02:21 PM, Benoit Jacob wrote: On 12-11-21 12:48 PM, Chad Versace wrote: On 11/20/2012 09:29 AM, Benoit Jacob wrote: Any questions? Do you support or oppose me

Re: [Mesa-dev] Proposal: allow hidden security bugs on Mesa's Bugzilla

2012-11-23 Thread Benoit Jacob
On 12-11-21 12:48 PM, Chad Versace wrote: On 11/20/2012 09:29 AM, Benoit Jacob wrote: Any questions? Do you support or oppose me asking FD.o admins to allow hidden bugs on Mesa's bugzilla? Benoit I support this. It seems a sensible proposal for addressing security bugs. Thanks. I have

Re: [Mesa-dev] Proposal: allow hidden security bugs on Mesa's Bugzilla

2012-11-21 Thread Chad Versace
On 11/20/2012 09:29 AM, Benoit Jacob wrote: Any questions? Do you support or oppose me asking FD.o admins to allow hidden bugs on Mesa's bugzilla? Benoit I support this. It seems a sensible proposal for addressing security bugs. ___ mesa-dev

[Mesa-dev] Proposal: allow hidden security bugs on Mesa's Bugzilla

2012-11-20 Thread Benoit Jacob
List, I was told to send this to freedesktop.org admins, but as I fully expect that this will be controversial among some Mesa developers, I thought that I would write to this list first and check that there is enough agreement here. WebGL-enabled browsers have faced security bugs in all drivers

Re: [Mesa-dev] Proposal: allow hidden security bugs on Mesa's Bugzilla

2012-11-20 Thread Alan Coopersmith
On 11/20/12 09:29 AM, Benoit Jacob wrote: Both solutions are poor, and a better solution would be for Mesa's bugzilla to allow hidden security bugs so we could work there. Given that security bug discussion can't be open, that is the least bad solution possible. For what it's worth, Mesa