Comment 14 for bug 516709

I don't think there's actually a security problem here unless arbitrary people can make their branches become the official branches, and I don't think that's currently possible. Or is it?

The thread[1] discusses various possibilities but the short story seems to be that we will take away the possibility for branches owned by arbitrary users to be official branches. One way to do that would be to only allow the series owner (eg ~techboard) to mark a branch as official if the series owner owns the branch.

[1] <https://lists.ubuntu.com/archives/ubuntu-distributed-devel/2011-February/000726.html>