Tom Lane wrote:
>
> I see the leakage points in this case as being
>
> * Dave (and Devrim too) making commits that made it obvious something
> was afoot. They could and should have used the Security: filter that
> Marc set up to cause those messages to be held for moderator approval.
The pgInstaller CVS for sure - but that wouldn't have worked for the SVN
repo the docs are in. The messages from there go to pgadmin-hackers, so
I'm not quite so keen to keyword filter there unless the regexp is a
little more precise.
Marc; a commit message there might look like (without the lines):
=================================================================
Author: dpage
Date: 2007-02-05 20:28:43 +0000 (Mon, 05 Feb 2007)
New Revision: 5906
Revision summary:
http://svn.pgadmin.org/cgi-bin/viewcvs.cgi/?rev=5906&view=rev
Log:
Add a guru hint to warn the user of the consequences of storing
passwords, per Tony Caduto.
=================================================================
Can you hold messages to pgdmin-hackers with say:
"view=rev\n\nLog:\nSecurity: " ?
> * Josh using pgsql-www to notify the web team. I had had the idea that
> pgsql-www was supposed to be closed-subscription, so I didn't think
> anything of it at the time, but that's evidently wrong. Fixing that
> leak is the point of this discussion.
No, we got lots of flack over it being closed so eventually gave up and
made it 'by approval' and then completely open.
-packagers will work though - can we get David Fetter subscribed, and my
own address approved if it still hasn't been. On a related I'm also not
sure if Hiroshi Saito (z-saito@guitar.ocn.ne.jp) is subscribed (he
packages win32-ja) - if not, can we sort that at the same time please?
Regards, Dave.