RT 3.4.4 and custom field security


We have been using RT since three years for tracking internal support and
product change request.

Four week ago, we replaced our last RT version by 3.4.4 version. Today, We
don’t understand somethink about custom field security.

We want that only the owner of a ticket can modify the content of the
ticket (base attributes and custom fields).
In order to do that, in global group rights configuration, we tell to RT
that owner can “modify custom field”. We made this declaration in global
group rights, because it’s seem impossible in queue group rights.

In addition, in queue group rights, on RT 321, we had declared that only
owner can modify a ticket. It’s true in RT3.4.4.

It’s seem OK, but we also saw that it’s necessary to declare that everyone
can modify a ticket in order to write custom field during the submission.
The result is everyone can modify all tickets. It’s unacceptable for us.

We tink we don’t understand somethink ?

Thank for your help,

Ludovic ZEYER