On Thu, 2019-03-14 at 20:35 +0100, Bastian Blank wrote: > On Thu, Mar 14, 2019 at 08:52:15AM +0100, Tomasz Rybak wrote: > > The accounts with Maintainer rights belong to people with > > significant > > activity. > > So, to summarise: default membership level is Developer, promoted > > to Maintainer if there is a need. Is this overview correct? > > Giving out Maintainer is mostly about trust. This access level > allows > unsupervised changes to the code used to build our images and also to > stored credentials. So only DD are elegible. I agree. > > Due to the damage they can do, I would consider this level of access > as > equivalent to cd building. AFAIR casulana (and other machines used to build CDs) have even more restrictions: DDs need to apply for access as SSH is not available to every DD. But IMO for now we can leave current policy of giving Maintainer to DDs - as we also control membership of cloud team. Best regards. -- Tomasz Rybak, Debian Developer <serpent@debian.org> GPG: A565 CE64 F866 A258 4DDC F9C7 ECB7 3E37 E887 AA8C
Attachment:
signature.asc
Description: This is a digitally signed message part