Date: Tue, 10 Jun 2008 15:00:32 -0700
From: David Fetter <david@fetter.org>
To: Magnus Hagander <magnus@hagander.net>
Cc: Peter Eisentraut <peter_e@gmx.net>, pgsql-www@postgresql.org
Subject: Re: Git access?
Message-ID: <20080610220032.GF15591@fetter.org>
References: <20080605155258.GF21648@fetter.org>
	<200806061354.43916.peter_e@gmx.net>
	<20080610191013.GC15591@fetter.org> <484ED29B.5070706@hagander.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <484ED29B.5070706@hagander.net>
User-Agent: Mutt/1.5.17 (2007-11-01)

On Tue, Jun 10, 2008 at 09:14:35PM +0200, Magnus Hagander wrote:
> David Fetter wrote:
> > On Fri, Jun 06, 2008 at 01:54:43PM +0200, Peter Eisentraut wrote:
> >> The plan is to try out gitosis for account management.
> > 
> > It's an interesting plan, but it's one that's preventing people
> > from using the service.  How about shelving that plan for the
> > moment and handing out access as needed to developers? :)
> 
> Please don't. Handing more access out in an uncontrolled way will
> give us a lot more work cleaning things up later.

With respect, I must disagree.  This resource is incredibly easy to
maintain--and practically useless--because nobody can get on there.

If somebody or somebodies here is thinking about some kind of single
sign-on[1] system for developers, let's discuss that separately.  I
don't recall anybody deciding that we were going to use one, and I
certainly don't recall that it's been decided that that decision gates
access to git.postgresql.org.

Cheers,
David.

[1]  For me, "single sign-on" reads as "high-value target" from an
attacker's point of view, and I generally think the convenience isn't
worth the cascading failure modes such systems have.
-- 
David Fetter <david@fetter.org> http://fetter.org/
Phone: +1 415 235 3778  AIM: dfetter666  Yahoo!: dfetter
Skype: davidfetter      XMPP: david.fetter@gmail.com

Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate