On Wednesday, 30 May 2018 10:11 Sarah Julia Kriesch wrote:
That's a topic for group security in Bugzilla. I know from other issue trackers, that it is possible, that attachments are only readable/ to download from a specific group in the project. So we can create groups like SUSE and openSUSE. We should try that with Bugzilla [1].
We actually already have a group for SUSE employees (and few others) and they are used for access control.
I would be surprised, if it isn't possible to have security rules for attachments. So customer data can be safe.
An attachment can be also flagged as private (like comments), that's not a problem. The problem is that there is no way to make them flagged automatically, so that human review is necessary before opening a bug, for both comments and attachments. Michal Kubecek -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org