Commercial admins have far too much power over PPAs.

Bug #724920 reported by Julian Edwards
This bug affects 1 person
Affects: Launchpad itself
Status: Triaged
Importance: High
Assigned to: Unassigned
Milestone: (none)

Bug Description

Commercial admins can see ALL private PPAs, their +packages pages and their +admin pages. This goes way beyond what a commercial admin should be doing and exposes secret data beyond its intended audience.

We need a new PPA admin role that can see everything; the commercial admin should be restricted to the +admin page.

Tags: p3a ppa
Changed in launchpad:
status: New → Triaged
importance: Undecided → High
tags: added: p3a ppa
Robert Collins (lifeless) wrote :

Can we just restrict commercial admin? duck can see everything already..

Julian Edwards (julian-edwards) wrote :

I would like to see a PPA admin role because it *vastly* helps whoever's doing support, in the same way that we have registry admins.

Jonathan Lange (jml) wrote :

Perhaps bug 1012135 is a small step toward addressing this.

Jonathan Lange (jml) wrote :

The branch linked to bug 1012135 does not address the problem in this bug, that 'commercial admin' intrinsically has too much power over PPAs. However, it might allow some present members of ~commercial_admin to be removed from that team and granted commercial subscriptions instead, which would reduce the severity of this bug.

Julian Edwards (julian-edwards) wrote :

Indeed - we can probably re-evaluate the PES permissions. Thanks!
