Comment 1 for bug 1008526

-- Under the old rules the default person to get security bug mail
-- is the maintainer. The maintainer may set the security contact to
-- another person.
-- Under the new rules, the maintainer gets full access by default,
-- but the security contact ceases to exist. But the maintainer
-- may still share all security info with a person who may set
-- a structural subscription.
-- We only want to share security with exclusive security_contact
-- persons for active projects that use Lp Bugs.
-- these team need a structural subscription for with a securty filter.
select p.name, sc.name
from product p
    join person sc on p.security_contact = sc.id
where
    p.active is true
    and p.official_malone is true
    and sc.subscriptionpolicy in (1, 3)
    and p.owner != p.security_contact
order by sc.name
;
-- (1006 rows) on staging
-- Note that there is a large overlap with the teams in this query
-- and those in the counterpart bug supervisor query. The overlaping
-- teams will ultimately have the same AGPs as the maintainer.