Groups policy

Gervase Markham gerv at
Thu Oct 17 07:10:53 UTC 2002

We need to decide how, by default, we are going to restrict access to 
things. proposes restricting 
the enter_bug page on b.m.o. to people with canconfirm; a 
counter-proposal says we should invent a new group.

This raises the general question: is our policy by default to have a 
small number of groups on a increasing scale, like:
(nothing, canconfirm, editbugs, editusers, "admin")
and then fit each privilege onto it somewhere, or is it to create a new 
group for each thing ("canenterbugs" etc.) and ask admins to join their 
new users to all the groups they'd like them to have access to (either 
automatically using the regexp or by hand)?

My view: I'm not claiming our current groups are the right names for the 
  "increasing responsiblity scale" idea, but I think the principle is sound.


More information about the developers mailing list