Date: Wed, 22 Oct 2003 01:42:00 -0500 (CDT) From: Mark Linimon <linimon@lonesome.com> To: freebsd-ports@FreeBSD.org Subject: a reminder to PR submitters Message-ID: <Pine.LNX.4.44.0310220135110.4822-100000@pancho>
next in thread | raw e-mail | index | archive | help
Please do not set the Confidential field on your PRs to "yes". We really don't have a mechanism to deal with confidential PRs in GNATS due to the fact that the database itself can be replicated, via cvsup, to anyone's machine, and thus itself is inherently insecure. Setting this field to "yes" merely makes your PR disappear into this limbo-category called "pending" which is dark and scary and filled with big spiders and stuff :-) The only mechanism in FreeBSD for notification of severe security vulnerabilities, as far as I know, it to directly send email to security-officer @ FreeBSD.org. I'm sure that if I'm wrong that someone will correct me immediately ... mcl
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.44.0310220135110.4822-100000>