[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [oniro-dev] Security tooling meeting minutes June 29th, 2022
|
-----Original Message-----
From: Agustín Benito Bethencourt [mailto:agustin.benito@xxxxxxxxxxxxxxxxxxxxxx]
Sent: 21 July, 2022 09:28
To: oniro-dev@xxxxxxxxxxx
Cc: Marta Rybczynska <marta.rybczynska@xxxxxxxxxx>
Subject: Re: [oniro-dev] Security tooling meeting minutes June 29th, 2022
Hello,
On Friday, 15 July 2022 14:58:24 CEST Marta Rybczynska wrote:
> Hello all,
> Sending to a wider audience my notes from a security tooling meeting.
>
> Presents: Agustín Benito Bethencourt, Mikael Barbero, Sebastien
> Heurtematte, Marta Rybczynska
>
> Short term (needed before Oniro Goofy release end of 2022):
> * Security bugtracker
> Oniro needs a confidential bugtracker with limited audience. We might
> have embargoed issues that are on need-to-know basis until the embargo
> end. This might be highly sensitive and affects devices in the field.
> Currently in GitLab confidential issues are visible for everyone with
> Reporter rights and above, so in practice for everyone. For this
> reason we can't use the regular Oniro project issues for this
> bugtracker. A solution is to create a separate project with a committer list including only the security team.
>
> Next steps (Agustin, could you confirm please?) - Marta to write a
> proposal (a project proposal?)
I have the draft you created on my inbox. Let me give it one last review and come back to you.
Any updates on this Agustin? In my order of urgency, I need this before private forks :)
Kind regards,
Marta