docs/security: Add a note about marshal handling email lists.
There have been occasional instances of marshals responding to security emails and removing the list outright, rather than bcc'ing. This makes it hard to distinguish between emails that have had responses and those that have not. Change-Id: I55feedc97450149a5dac69b6dd79c29eb5b44d3e Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2079331 Reviewed-by: Max Moroz <mmoroz@chromium.org> Commit-Queue: Max Moroz <mmoroz@chromium.org> Cr-Commit-Position: refs/heads/master@{#745178}
This commit is contained in:
@ -83,6 +83,9 @@ various important responsibilities:
|
||||
* Note: external emails will always come in on security@chromium.org as
|
||||
chrome-security@google.com is a Google-only list, but both need to be
|
||||
triaged.
|
||||
* When triaging an email to be handled off of the list, make sure to bcc: the
|
||||
list that it arrived on, so that other people including future marshals can
|
||||
see that it has been handled.
|
||||
* Change bugs status to **Fixed** for those that the developer forgets to close.
|
||||
Make sure to read bug comments where developer might point out that it needs
|
||||
more CLs, et c. Wait 24 hours before closing ClusterFuzz bugs, to give
|
||||
|
Reference in New Issue
Block a user