Re: Meeting agenda bot, website, git, ssh

From: Joerg Jaspert <joerg(at)debian(dot)org>
To: Ian Jackson <ijackson(at)chiark(dot)greenend(dot)org(dot)uk>
Cc: spi-general(at)lists(dot)spi-inc(dot)org
Subject: Re: Meeting agenda bot, website, git, ssh
Date: 2009-01-21 09:06:48
Message-ID: 87ocy1rpsn.fsf@vorlon.ganneff.de
Views: Raw Message | Whole Thread | Download mbox
Thread:
Lists: spi-general


>> > Is there one single access control setup for the whole thing, or are
>> > there several ? It would be nice to be able to let people edit the
>> > website without giving them the power to run code on the server, for
>> > example.
>> Noone gets access to the server directly. :)
>> (Well, in case someone needs access to a server, we can certainly
>> arrange things. But thats completly seperate from git access)
> If the code for something running on the server is kept in git then
> effectively everyone who can write to the git can run code on the
> server, because even if pushing to the running copy is manual no-one
> will review every diff.

Are we up to splitting hairs now? :)
So, for that:

Noone except us admins has shell access to the box the git repo is on.
Yes, of course, if you can commit stuff you can commit bad things too.
Somehow thats (technically) not avoidable. Unless you want one of us
admins play gatekeeper, and *I* sure not want to add such a
restriction.

--
bye, Joerg
[Kaffeemaschinen und Babies]
Funktioniert aber so ähnlich: Du füllst oben was rein und unten kommt's braun raus...
-- Martin Würtele

Responses

Browse spi-general by date

  From Date Subject
Next Message Ian Jackson 2009-01-21 10:27:51 Re: Meeting agenda bot, website, git, ssh
Previous Message Ian Jackson 2009-01-20 11:22:27 Re: Meeting agenda bot, website, git, ssh