maria-developers team mailing list archive

Thread
Date

Re: security spring cleaning in MariaDB org on github

To: Sergei Golubchik <serg@xxxxxxxxxxx>
From: Kristian Nielsen <knielsen@xxxxxxxxxxxxxxx>
Date: Sun, 06 Nov 2016 09:38:23 +0100
Cc: maria-developers@xxxxxxxxxxxxxxxxxxx, otto@xxxxxxxxxxx, monty@xxxxxxxxxxx
In-reply-to: <20161105172202.GB8452@meddwl.fritz.box> (Sergei Golubchik's message of "Sat, 5 Nov 2016 18:22:02 +0100")
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.4 (gnu/linux)

Sergei Golubchik <serg@xxxxxxxxxxx> writes:

> And owners are much too powerful to be treated lightly
> https://help.github.com/articles/permission-levels-for-an-organization/

> Because that was a small admin task, something similar is done almost
> every second day.

I see.

I am sad - and hurt - that you consider my involvement a security risk. I
was always heavily involved in maintaining our repositories and other
infrastructure, ever since the very start of MariaDB early 2009.

If your personal goal is to restrict people's access as much as possible,
all I can say is that it is not how I understand open source. But I doubt I
would be able to find many allies to contest your point of view.

At least your explanation helped me understand my role (or lack of same) in
MariaDB.

> I hope not, but I really don't know what's visible to whom.
> 
> I can check how it works, probably create a second account and invite it
> into mariadb on github as a normal non-privileged member...

If you hadn't removed my access, I could have told you which settings would
need to be changed...

Thanks,

 - Kristian.

Follow ups

Re: security spring cleaning in MariaDB org on github
From: Sergei Golubchik, 2016-11-06

References

security spring cleaning in MariaDB org on github
From: Sergei Golubchik, 2016-11-04
Re: security spring cleaning in MariaDB org on github
From: Kristian Nielsen, 2016-11-05
Re: security spring cleaning in MariaDB org on github
From: Sergei Golubchik, 2016-11-05