On Mon, 11 Jun 2007 13:24:34 -0400
Josh Bressers <bressers(a)redhat.com> wrote:
> >
> >
> > How you can help.
>
> I've been wanting to help, but not sure of practices and procedures
> used.
>
> Perhaps we could clarify a few things for me:
>
>
> - Should the filed bug have a CC to the list? I guess you mentioned
> this above. I think it's probibly a good idea so folks can see the
> progress of fixes.
While I'm personally not a fan of this, if people want it, we should
probably do it.
Well, I find it nice to be able to see replies from maintainers that
they are looking at it, or need more info, etc.
I don't know how much traffic it will end up being tho when there is
more coverage. Might need re-evaluating if it's a gigantic pile.
>
> - Is there any key for the format of the audit cvs files?=20
Not really, look at what's there to get an idea of how it goes.
ok.
>
> - Is there any acl on the audit files? Who is allowed to update
> those?
Here is the current list:
avail | mjc,bressers,jorton,notting,sopwith,katzj,holtmann |
fedora-security avail | lkundrak | fedora-security
avail | jkeating,ausil,tibbs,kaboom,scop,questor | fedora-security
If you're willing to help, access can be granted.
Sure, I can assist. My FAS account is kevin...
> Well, if it will be listed in cvs, can't we just have folks
go and
> update as they process?
Ideally, yes. I however don't want people to duplicate work. I
suspect the easiest way is going to be for someone to just mark a
block of ids as what they're working on. Something like
**** bressers ****
CVE blah blah blah
... ===> Lots of CVE ids here
CVE blah blah blah
**** bressers ****
Check in some bits to make it known you're on it, then start wading
through the manure.
Yeah, that could work. We could use a wiki page, but since the cvs file
is there, it makes sense to me to just use that.
Thanks.
kevin