Allow "watcher" packages to have dominion without permitting owners to force accept
Closed, Resolved | Public


See PHI1906. An install has "watcher" packages that may have dominion over a large set of paths (like /), but should not grant any review privileges.

There is probably a large set of possible attacks on this, but adding a flag to packages for "owning this doesn't mean you get to force-accept weaker packages" seems reasonable.