Project:Security/Powers
This document lists the permissions people get during the recruiment process for Gentoo Security.
Powers
This document has not been updated for years and does not reflect the current status of Gentoo Security.
GLSAMaker account
Access to the GLSAMaker tool. This power can be granted by security team members, by editing on toucan the /var/www/dev.gentoo.org/glsamaker/.htpasswd file and adding the result of /usr/sbin/htpasswd2 -nm user_to_add .
glsa-commits@gentoo.org alias
Your email address should be added to the glsa-commits@gentoo.org alias, which receives GLSA draft requests and diffs. This can be granted by security leads or infra people.
Channel Op
Channel operator rights on #gentoo-security. This power can be granted by klieber.
Gentoo developer status
Gentoo developer status, which should provide a @gentoo.org email address, a listing on the roll-call developer list and editbugs rights for your Bugzilla account. This needs devrel approval and infra powers.
Gentoo developer account
This gives a Gentoo developer account on dev.gentoo.org, which is needed for CVS access. This needs developer status and infra powers.
Security project team listing membership
You should get added to the Security project team roster. This can be granted by security developers, by editing the project page contents.
Bugzilla Gentoo Security group membership
You should be added as a member of the Gentoo Security BugZilla group. This allows you to see security-restricted bugs. This can be granted by koon or infra people.
security@gentoo.org alias
Your developer email address should be added to the security@gentoo.org alias. This can be granted by security leads or infra people.
security-audit@gentoo.org alias
Your developer email address is added to the security-audit@gentoo.org alias. This can be granted by security leads or infra people.
kern-sec@gentoo.org alias
Your developer email address is added to the kern-sec@gentoo.org alias. This can be granted by security leads or infra people.
gentoo-announce posting rights
Your email account should be cleared to post to the gentoo-announce mailing-list. This can be granted by infra people.
cvssecurity commit rights
You should get commit rights to security documents (GLSA, security pages, security project pages). This can be granted by infra people.
www_glsamaker group
Your username should appear in dev.gentoo.org www_glsamaker group. This allows you to act on glsamaker directories directly (for cleanup or direct drafts editing). This can be granted by infra people.
Vendor-sec clearance
You receive vendor-sec mails. This can be granted by klieber.
Who gets what
| Scout | Apprentice | On probation | Team member | Senior member | Subproject leads | Audit member | Kernel member | |
| GLSAMaker | x | x | x | x | o | |||
| glsa-commits alias | o | x | x | x | o | |||
| Channel Op | x | x | x | x | x | |||
| Developer status | x | x | x | x | x | x | ||
| Developer account | x | x | x | x | x | |||
| Security team listing | x | x | x | x | x | x | ||
| Bugzilla Security group | x | x | x | x | ||||
| security alias | x | x | x | x | ||||
| security-audit alias | o | x | o | x | ||||
| kern-sec alias | o | x | o | x | ||||
| gentoo_announce access | x | x | ||||||
| cvssecurity commit | x | x | ||||||
| www_glsamaker group | x | x | ||||||
| vendorsec clearance | x |
x: must have
o: on-demand
This page is based on a document formerly found on our main website gentoo.org.
The following people contributed to the original document: Thierry Carrez, keytoaster
They are listed here because wiki history does not allow for any external attribution. If you edit the wiki article, please do not add yourself here; your contributions are recorded on each article's associated history page.