ubuntu-appstore-developers team mailing list archive

Thread
Date

Re: Tracking overrides in the review scripts

To: ubuntu-appstore-developers@xxxxxxxxxxxxxxxxxxx
From: Jamie Strandboge <jamie@xxxxxxxxxxxxx>
Date: Wed, 17 Sep 2014 09:17:34 -0500
In-reply-to: <5419905A.3030100@canonical.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.1.1

On 09/17/2014 08:44 AM, Jamie Strandboge wrote:

Meh, typos and omissions:

>   "com.ubuntu.music":
>   {
>     "reviewer": "popey",
>     "date": "2014-09-07",
>     "note": "Unconfined ok per jdstrand, but should move to confined with
> music-files-read policy group in the future",

This should have included:
     "vendor": "Ubuntu",

>     "overrides": {
>       "error": {
>         "security_template_valid (apparmor.json)":
>           "(MANUAL REVIEW) 'unconfined' not allowed"
>       },
>       "warn": {
>         "lint_click_local_extensions":
>           "found unofficial extensions: x-source, x-test"
>         }
>       }
>     }
>   },

...

>   "com.ubuntu.developer.foo.bar":
>   {
>     "reviewer": "jdstrand",
>     "date": "2014-09-07",
>     "note": "Uses global contacts list in read only. Code review shown to abuse
> access. New code should be verified this is still true.",
>     "requires_new_review": true,

This should have said "Code review shown not to abuse access."

>     "overrides": {
>       "error": {
>         "security_policy_groups_safe_contacts (apparmor.json)":
>           "(MANUAL REVIEW) reserved policy group 'contacts': vetted applications
> only"
>       },
>       "warn": {}
>     }
>   }
> }


-- 
Jamie Strandboge                 http://www.ubuntu.com/

Attachment: signature.asc
Description: OpenPGP digital signature

References

Tracking overrides in the review scripts
From: Daniel Holbach, 2014-08-29
Re: Tracking overrides in the review scripts
From: Jamie Strandboge, 2014-09-17