On Sun, Feb 21, 2021 at 10:36 AM Jeffrey Walton <noloa...@gmail.com> wrote:
>
> On Sun, Feb 21, 2021 at 1:20 PM Bruno Haible <br...@clisp.org> wrote:
> >
> > On another GNU mailing list, someone is writing:
> >
> > Since I no longer work on <PACKAGE> I give
> > you permission to remove my git server access (the key). If I ever
> > change my mind about this, we can work out a new solution.
> >
> > Can you please check if I have any other privileged accounts or rights
> > left in the infrastructure? Even though we have not used password
> > based logins, I don't want to be a security liability with possible
> > effects for myself and for you.
> >
> > I tend to agree that everyone who has write access to the repository
> > poses a certain (small) security risk; the SSH private key might be
> > compromised. Therefore it sounds like a reasonable security measure
> > to revoke the write access for users who have been inactive for a
> > certain time, say 4 years.
> >
> > Would you agree with that?
> >
> > The following people still have write access to the gnulib repository
> > and have not done any commits in 4 years:
> >
> > Andreas Grünbacher
> > Bruce Korb
> > Ludovic Courtès
> > Derek R. Price
> > Eli Zaretskii
> > Gary V. Vaughan
> > Gerd Moellmann
> > Sergey Poznyakoff
> > Joel E. Denny
> > Kamil Dudka
> > Stefan Monnier
> > Richard M. Stallman
> > Ralf Wildenhues
> > Stefano Lattarini
> >
> > I would like to emphasize that removal of write access would *not* be
> > a disapproval of past work, nor related to lack of friendship. Just a
> > security measure.
> >
> > What do you think?
>
> From a governance standpoint, I think four years is too long. Active
> developers should have write access, others should not.
>
> I would consider dropping the threshold to 90 days or 1 year.
Limiting access is good for security, indeed. I like the idea. I agree that four years feels too long. Maybe a middle ground of 2 years, at least for the first round?