Date: Thu, 4 Apr 2013 17:59:31 +0000
From: Greg Stein
To: dev@openoffice.apache.org, dennis.hamilton@acm.org
Subject: Re: Proposal: Improve security by limiting committer access in SVN
Message-ID: <20130404175931.GA22662@gmail.com>
In-Reply-To: <00ae01ce3150$c4b56510$4e202f30$@acm.org>

Speaking as one of those "old-hands", Dennis is absolutely spot-on.

Partitions, barriers, sub-groups... I call those "divisive" mechanisms which serve to divide the community. Such divisions are rarely needed. As Andrea points out, in Subversion's 13-year history, we have only *requested* people observe certain fences. We have never had a problem. We have never had to take sanctions. A stray commit here and there? Sure, it has happened, with the best intent, so we just point out that they need a bit more caution. No harm done.

Back to Dennis' point: the solution here is proper review of the commits that occur. (IMO) NOT a way to *exclude* or to *limit* the potential contributions of others.

Cheers,
-g

On Thu, Apr 04, 2013 at 09:23:39AM -0700, Dennis E. Hamilton wrote:
> In previous generations of this kind of discussion, the ASF old-hands will point out that the social process works quite well, folks don't do commits unless they feel qualified to do so, and it is often the case that committers will request RTC (i.e., submit patches rather than update the SVN) in contributing where they are not experienced or don't consider themselves expert.
>
> At the ASF this appears to be one of those, "if it is not broken, don't fix it."
>
> There is still the concern about stolen credentials used to perform undetected malicious acts. If the oversight that the project naturally brings to bear on visible changes to the code base is insufficient, I think the problem is greater than there being a possible exploit of that inattention. Mechanical solutions may be part of the disease, not the cure [;<).
>
> - Dennis
>
> -----Original Message-----
> From: Andrea Pescetti [mailto:pescetti@apache.org]
> Sent: Thursday, April 04, 2013 08:57
> To: dev@openoffice.apache.org
> Subject: Re: Proposal: Improve security by limiting committer access in SVN
>
> Dave Fisher wrote:
> > Let's focus only on adding one new authz list for the code tree.
> > Call it openoffice-coders and populate it with those who HAVE any
> > commit activity in the current code tree.
>
> I checked feasibility with Infra. Summary:
>
> 1) LDAP is not the solution. Rule it out.
>
> 2) The only possible solution would be an authz rule like suggested by Dave here; however, Infra quite discourages it, mainly for maintenance reasons. This leads me to think we would need some good justifications for implementing this.
>
> 3) If the justification is security, then there are other privileges to monitor. Namely, every committer has shell access to people.apache.org, authenticated access to the Apache SMTP server and CMS privileges for the openoffice.org website, including publish operations.
>
> For the record, the Subversion project has complex rules like Rob pointed out; but it's only a "social enforcement", i.e., all committers respect those limitations by their own choice; if you look at the technical level, every committer (all Apache committers) can commit code to the Subversion subtree.
>
> Regards,
> Andrea.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org