Security fix default user permissions Default user permissions should not include all user attributes. We now limit this to the username, realname and some further attributes depending on the schema. Note that we no longer include the email addresses, depending on your installation you may want to further restrict this or add some attributes like ``address`` and ``alternate_addresses``.

def init_severity(db, cl, nodeid, newvalues):
    """Make sure severity is set on new issues"""
    if newvalues.has_key('severity') and newvalues['severity']:
        return

    normal = db.severity.lookup('normal')
    newvalues['severity'] = normal

def init(db):
    db.issue.audit('create', init_severity)