This document lists the permissions people get during the recruiment process for Gentoo Security.
This document has not been updated for years and does not reflect the current status of Gentoo Security.
Access to the GLSAMaker tool. This power can be granted by security team members, by editing on toucan the /var/www/dev.gentoo.org/glsamaker/.htpasswd file and adding the result of
/usr/sbin/htpasswd2 -nm user_to_add .
Your email address should be added to the email@example.com alias, which receives GLSA draft requests and diffs. This can be granted by security leads or infra people.
Channel operator rights on #gentoo-security. This power can be granted by klieber.
Gentoo developer status
Gentoo developer status, which should provide a @gentoo.org email address, a listing on the roll-call developer list and editbugs rights for your Bugzilla account. This needs devrel approval and infra powers.
Gentoo developer account
This gives a Gentoo developer account on dev.gentoo.org, which is needed for CVS access. This needs developer status and infra powers.
Security project team listing membership
You should get added to the Security project team roster. This can be granted by security developers, by editing the project page contents.
Bugzilla Gentoo Security group membership
You should be added as a member of the Gentoo Security BugZilla group. This allows you to see security-restricted bugs. This can be granted by koon or infra people.
Your developer email address should be added to the firstname.lastname@example.org alias. This can be granted by security leads or infra people.
Your developer email address is added to the email@example.com alias. This can be granted by security leads or infra people.
Your developer email address is added to the firstname.lastname@example.org alias. This can be granted by security leads or infra people.
gentoo-announce posting rights
Your email account should be cleared to post to the gentoo-announce mailing-list. This can be granted by infra people.
cvssecurity commit rights
You should get commit rights to security documents (GLSA, security pages, security project pages). This can be granted by infra people.
Your username should appear in dev.gentoo.org www_glsamaker group. This allows you to act on glsamaker directories directly (for cleanup or direct drafts editing). This can be granted by infra people.
You receive vendor-sec mails. This can be granted by klieber.
Who gets what
|Scout||Apprentice||On probation||Team member||Senior member||Subproject leads||Audit member||Kernel member|
|Security team listing||x||x||x||x||x||x|
|Bugzilla Security group||x||x||x||x|
x: must have
This page is based on a document formerly found on our main website gentoo.org.
The following people contributed to the original document: Thierry Carrez, keytoaster
They are listed here because wiki history does not allow for any external attribution. If you edit the wiki article, please do not add yourself here; your contributions are recorded on each article's associated history page.