← Back to team overview

maria-developers team mailing list archive

Re: security spring cleaning in MariaDB org on github


Sergei Golubchik <serg@xxxxxxxxxxx> writes:

> If you think you need admin access, please request it (again).

Yes, please restore my access to the repo. I use it regularly, to work with
web hooks, see how the repo is setup, etc.

> we're performing some spring cleaning in this area.

Who are "we"?

I was not included in any discussions, or even made aware that such
disucssions were taken place, why not?

> lost admin access to the org. Currently only the MariaDB Foundation CEO
> and few board members (those, who actually have used admin access
> recently) retained their admin rights.

Board members?

So admin access is needed to do technical work with the repo, to give people
write access, and (currently) to see the list of members in teams.

Neither of these make *any* sense for board members. I mean, if I need to
debug a problem with Buildbot not picking up my push, or want to set up a
hook to listen for pushes or something, I should ask a *board member* to do
it for me? Seriously?

I assume you mean that the people with access are yourself Serg, Rasmus, and
Otto. Monty is the fourth one? The two of us are probably the ones with the
best knowledge of how to manage git and repositories for MariaDB, so you
clearly make sense. Otto and Rasmus I assume is so that they can give write
access to new employees, but that has nothing to do with Rasmus being a
board member. And I doubt Monty does much work on github at all?

Of course, the list of people with access is not even public, so one can
only guess, not even know who to ask in case of any issues. You have to be a
board member to even know who has repo access?

> 2FA is required for all admins (and highly recommended for all other members)

Sure, I can set that up if you really want.

 - Kristian.

Follow ups