Re: Git access?

On Tue, Jun 10, 2008 at 09:14:35PM +0200, Magnus Hagander wrote:
> David Fetter wrote:
> > On Fri, Jun 06, 2008 at 01:54:43PM +0200, Peter Eisentraut wrote:
> >> The plan is to try out gitosis for account management.
> > 
> > It's an interesting plan, but it's one that's preventing people
> > from using the service.  How about shelving that plan for the
> > moment and handing out access as needed to developers? :)
> 
> Please don't. Handing more access out in an uncontrolled way will
> give us a lot more work cleaning things up later.

With respect, I must disagree.  This resource is incredibly easy to
maintain--and practically useless--because nobody can get on there.

If somebody or somebodies here is thinking about some kind of single
sign-on[1] system for developers, let's discuss that separately.  I
don't recall anybody deciding that we were going to use one, and I
certainly don't recall that it's been decided that that decision gates
access to git.postgresql.org.

Cheers,
David.

[1]  For me, "single sign-on" reads as "high-value target" from an
attacker's point of view, and I generally think the convenience isn't
worth the cascading failure modes such systems have.
-- 
David Fetter <david@fetter.org> http://fetter.org/
Phone: +1 415 235 3778  AIM: dfetter666  Yahoo!: dfetter
Skype: davidfetter      XMPP: david.fetter@gmail.com

Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate