Alan Coopersmith writes: > James Carlson wrote: > > Valerie Bubb Fenwick writes: > >> We am looking at things that are missing from bugzilla > >> that would hold us back from using this as the sole > >> bugtracking tool for Solaris/OpenSolaris, instead of > >> the two we are using now. > > > > In addition to Danek's fairly complete comparison (and I agree that > > treating RFE as a "severity" is really weird): > > > > "Can't Live Without" > > > > We use that "security" flag to bowdlerize bug reports. Bugzilla > > seems to have no equivalent. > > It's not setup in our bugzilla yet, but I actually prefer the way this is > handled in the bugzilla installation we use at X.Org over the bugster way - > security bugs are flagged as private to the security team until advisory > release, once the advisory is public, the flag is removed and the bug becomes > publicly visible.
That does sound like a nice feature to add. > Anything that really needs to stay permanently secret isn't really a security > handling issue, but just another instance of the general "handling > confidential > data" issue, along with customer & partner confidential information. Agreed; it's unrelated. It's just a special hammer used for one type of problem. -- James Carlson, Solaris Networking <james.d.carl...@sun.com> Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677 _______________________________________________ tools-discuss mailing list tools-discuss@opensolaris.org
