Received: from localhost (maia-1.hub.org [200.46.204.191]) by postgresql.org (Postfix) with ESMTP id 6FC9A9FA177 for ; Mon, 5 Feb 2007 17:46:19 -0400 (AST) Received: from postgresql.org ([200.46.204.71]) by localhost (mx1.hub.org [200.46.204.191]) (amavisd-new, port 10024) with ESMTP id 14701-08 for ; Mon, 5 Feb 2007 17:46:16 -0400 (AST) X-Greylist: from auto-whitelisted by SQLgrey-1.7.4 Received: from lists.commandprompt.com (host-254.commandprompt.net [207.173.203.254]) by postgresql.org (Postfix) with ESMTP id 487AA9FA0EC for ; Mon, 5 Feb 2007 17:46:16 -0400 (AST) Received: from [192.168.2.3] (evim.gunduz.org [81.214.129.77]) (authenticated bits=0) by lists.commandprompt.com (8.13.7/8.13.6) with ESMTP id l15LkGoD022043; Mon, 5 Feb 2007 13:46:17 -0800 Subject: Re: How to coordinate web team for security releases? From: Devrim GUNDUZ To: Tom Lane Cc: pgsql-www@postgresql.org In-Reply-To: <20476.1170711517@sss.pgh.pa.us> References: <200702051128.13819.josh@agliodbs.com> <20070205210315.GA7988@fetter.org> <20476.1170711517@sss.pgh.pa.us> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-sykmrWzzkvp0jk+3zW9A" Organization: Command Prompt, Inc. Date: Mon, 05 Feb 2007 23:46:42 +0200 Message-Id: <1170712002.3056.19.camel@laptop.gunduz.org> Mime-Version: 1.0 X-Mailer: Evolution 2.8.2.1 (2.8.2.1-3.fc6) X-Virus-Scanned: ClamAV version 0.88.5, clamav-milter version 0.88.5 on projects.commandprompt.com X-Virus-Status: Clean X-Greylist: Sender succeded SMTP AUTH authentication, not delayed by milter-greylist-1.6 (lists.commandprompt.com [192.168.2.159]); Mon, 05 Feb 2007 13:46:18 -0800 (PST) X-Virus-Scanned: Maia Mailguard 1.0.1 X-Archive-Number: 200702/50 X-Sequence-Number: 11455 --=-sykmrWzzkvp0jk+3zW9A Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hello, On Mon, 2007-02-05 at 16:38 -0500, Tom Lane wrote: > * Dave (and Devrim too) making commits that made it obvious something > was afoot. They could and should have used the Security: filter that > Marc set up to cause those messages to be held for moderator approval. How? By adding a=20 Security: line before the commit message? Does it also work for pgfoundry commits? > * Josh using pgsql-www to notify the web team. I had had the idea > that pgsql-www was supposed to be closed-subscription, so I didn't > think anything of it at the time, but that's evidently wrong. Fixing > that leak is the point of this discussion.=20 It should be sent to the slaves list I think, as JoshB said in his e-mail. It is closed subscription. Regards, --=20 Devrim G=C3=9CND=C3=9CZ PostgreSQL Replication, Consulting, Custom Development, 24x7 support Managed Services, Shared and Dedicated Hosting Co-Authors: plPHP, ODBCng - http://www.commandprompt.com/ --=-sykmrWzzkvp0jk+3zW9A Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQBFx6XCpme12CBXnxERAqOyAJ4heqWDL6OhiQ5StKdLh/zqzTi/rACfSa1l 1k/topAxnv+t/M0FbkMp/RE= =c/qt -----END PGP SIGNATURE----- --=-sykmrWzzkvp0jk+3zW9A--