Allow "watcher" packages to have dominion without permitting owners to force accept
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	epriestley
	Jun 25 2021, 3:32 PM

Description

See PHI1906. An install has "watcher" packages that may have dominion over a large set of paths (like /), but should not grant any review privileges.

There are probably a large set of possible attacks on this, but adding a flag to packages for "owning this doesn't mean you get to force-accept weaker packages" seems reasonable.

Related Objects

Mentioned In: 2021 Week 26 (Late June)
rPa641ec82a323: Add an "Authority" control to Packages to support "Watcher" packages
D21674: Add an "Authority" control to Packages to support "Watcher" packages

Event Timeline

epriestley triaged this task as Normal priority.Jun 25 2021, 3:32 PM

epriestley created this task.

epriestley mentioned this in D21674: Add an "Authority" control to Packages to support "Watcher" packages.Jun 25 2021, 4:30 PM

epriestley mentioned this in rPa641ec82a323: Add an "Authority" control to Packages to support "Watcher" packages.Jun 25 2021, 8:48 PM

epriestley mentioned this in 2021 Week 26 (Late June).Jun 25 2021, 9:32 PM

epriestley closed this task as Resolved.Jul 9 2021, 4:38 PM

Allow "watcher" packages to have dominion without permitting owners to force acceptClosed, ResolvedPublicActions

Description

Related Objects

Event Timeline

Allow "watcher" packages to have dominion without permitting owners to force accept
Closed, ResolvedPublic
Actions