Bug 56370 - I can make any bug visiable to only eCos ASCOM PLC
I can make any bug visiable to only eCos ASCOM PLC
Status: CLOSED WONTFIX
Product: Bugzilla
Classification: Community
Component: Bugzilla General (Show other bugs)
2.8
i386 Linux
medium Severity medium (vote)
: ---
: ---
Assigned To: David Lawrence
David Lawrence
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-11-16 05:10 EST by Andrew Lunn
Modified: 2007-04-18 12:38 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-11-16 05:11:49 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Andrew Lunn 2001-11-16 05:10:37 EST
Description of Problem:

I've been testing out bugzilla as a 'customer' rather than a net user. Alex
created the group "eCos ASCOM PLC Contract" and i have permission to make
bugs only visiable to members of that group. 

I can put any bug into the group, not just me own. eg look at Alexs' bug
report for the security violation where i got complete access. Thats now
only visiable to "eCos ASCOM PLC contract".

Version-Release number of selected component (if applicable): Current


How Reproducible: one for one


Steps to Reproduce:
1. Login as me
2. Select a bug
3. hit the cross box
4. Save the changes
Comment 1 David Lawrence 2001-12-18 18:33:10 EST
Yes this is true. One thing that will probably help is that with the next release of 
Bugzilla, only people who are the reporter or assigned_to will be able make 
changes to a bug report unless they belong to a special group called 'editallbugs' 
so that will keep you from being able to change the permission levels of other 
people's bugs. Until then since it is not a trivial fix we will work on the honor 
system.

Note You need to log in before you can comment on or make changes to this bug.