On Fri, Dec 19, 2003 at 12:23:42AM +0100, Josip Rodin wrote: > On Thu, Dec 18, 2003 at 10:34:21PM +0100, Martin Loschwitz wrote: > > I understand the ongoing efforts to make the Debian development boxes > > more secure and I appreciate them as they will probably help to save > > our users better from security issues related to the Debian machines. > > However, I think that we should not burden our own work that hard in > > the name of security. > > You've made a decent post, but it seems to me that the reasons are all > reasonably unimportant and don't really "burden our own work". > Whether they're important or not really depends on your point of view and on your needs. I am about to start a new project related to Debian and not having the possibility of dak comparing configuration files on auric to mine will put _significant_ difficulties on my work (besides the fact that right now you can not even get dak without access to auric as it has not been re-integrated into cvs.d.o. yet.) There is yet another point that, while not bringing up new arguments on the technical side, yet brings up another point of view: Restricting the access to auric on the long term is a clear vote of no confidence against any Debian developer with an account in LDAP DB -- even against those who _take_ care of security and who do lots of efforts to avoid giving a chance to attackers (like not logging in from anywhere else than from a surely trusted place, not using passwords but SSH-Keys stored on encrypted USB memory sticks ...) > Note that I just noticed that I can no longer see the log of the mirror > push (which is useful when one is handling mirrors@d.o stuff, being able > to pinpoint a small amount of problems), but I don't see much reason to > protest because they were of limited use to me anyway (a comparable amount > of problems wittnessed in the logs couldn't be fixed solely by myself). > > Well, if your example is one where having access to auric is not necessary in any case, that's just fine. However, you need to understand (and accept) that for others information from auric may be essential in order to get the tasks done they got done so far. > > -- > 2. That which causes joy or happiness. > > > -- > To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org -- .''`. Martin Loschwitz Debian GNU/Linux developer : :' : madkiss@madkiss.org madkiss@debian.org `. `'` http://www.madkiss.org/ people.debian.org/~madkiss/ `- Use Debian GNU/Linux 3.0! See http://www.debian.org/
Attachment:
signature.asc
Description: Digital signature