
Re: debian github organization ?



Ben Caradoc-Davies <ben@transient.nz> writes:
> On 20/07/15 12:18, Ian Jackson wrote:

>> You're talking as if what is identified is a human being.  But of
>> course, it isn't.  When you do a git push (or whatever) what is pushed
>> is controlled by the computer you are using.

> Of course. Humans lack a network interface. Authentication is the
> process whereby humans use tools they control to prove their
> identity. The integrity of these tools, the degree of control, and the
> care with which these tools are used appears to be your concern.

Er, you're responding to Ian as if you've never before heard of the
concept of using separate authentication credentials for different
purposes, but this is a very old and respected technique and a standard
security approach.  It's a form of privilege separation and roles?
Consider, for example, having entirely separate work and personal
computing hardware with separate keys.  (I highly recommend anyone who
isn't self-employed do the latter, btw.  It keeps things much simpler,
particularly if you change employers.)

I wouldn't care that there is only one GitHub account if I was able to
designate separate keys for different purposes and control which of them
can commit to which repositories.  That way, systems can be kept isolated
from each other and not have credentials to commit to repositories that
are inappropriate for that system.

There are some repositories that I would want to treat with a much higher
level of care and only allow access from specific hosts.

> What is your concern? That your workstation might be misused or
> compromised by someone in your workplace? Key logger? Remote access
> snooping? And that this compromise might be used for malicious purposes
> against Debian?

Yes, all those things, and innumerable other ways of attacking hosts.

> GitHub recommend using SSH key passphrases, which provide a degree of
> protection against machine compromise:
> https://help.github.com/articles/working-with-ssh-key-passphrases/

Which protects only against a tiny fraction of those attacks.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>
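The key-per-purpose scheme argued for above (separate keys, each able to reach only its own repositories, and only from designated hosts) is something a self-hosted git server can enforce with OpenSSH key options plus a forced command. The script below is an added illustration, not code from this thread, from Debian or from GitHub; it assumes repositories live under the git user's home directory, that `git-upload-pack`/`git-receive-pack` are on the PATH, and the host names, paths and the `rra-work` key comment are placeholders.

```shell
#!/bin/sh
# git-restrict: forced command that scopes one SSH key to a fixed set of
# repositories (assumed to live under the git user's home directory).
# Hypothetical server-side authorized_keys line using it:
#   restrict,from="work-laptop.example.org",command="/usr/local/bin/git-restrict debian/foo.git" ssh-ed25519 AAAA... rra-work
# 'from=' limits the key to named hosts; 'restrict' turns off forwarding,
# X11 and pty; 'command=' forces this script whatever the client asks for.
# Matching client side (~/.ssh/config), one key per purpose:
#   Host git-work
#       HostName git.example.org
#       IdentityFile ~/.ssh/id_ed25519_work
#       IdentitiesOnly yes
set -f   # no globbing: repository names are compared literally

# check_command ALLOWED_REPOS REQUESTED_COMMAND
# Prints "<service> <repo>" and returns 0 if REQUESTED_COMMAND is a git
# transport request for one of the space-separated ALLOWED_REPOS; else 1.
check_command() {
    allowed=$1
    request=$2
    # Only the two git transport services, in git's own "svc 'path'" form.
    case $request in
        "git-upload-pack '"*"'" | "git-receive-pack '"*"'") ;;
        *) return 1 ;;
    esac
    service=${request%% *}
    repo=${request#* }
    repo=${repo#"'"}; repo=${repo%"'"}
    repo=${repo#/}          # ssh://host/path form carries a leading slash
    case $repo in
        "" | *..* | *"'"* | *" "*) return 1 ;;   # traversal / quoting tricks
    esac
    for r in $allowed; do
        [ "$r" = "$repo" ] && { printf '%s %s\n' "$service" "$repo"; return 0; }
    done
    return 1
}

# When invoked by sshd as a forced command, the allowed repositories are the
# script's arguments and the client's request is in SSH_ORIGINAL_COMMAND.
if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
    if out=$(check_command "$*" "$SSH_ORIGINAL_COMMAND"); then
        set -- $out
        exec "$1" "$2"
    fi
    echo "refused: $SSH_ORIGINAL_COMMAND" >&2
    exit 1
fi
```

A key listed this way cannot push to any repository outside its argument list, and a second key on another machine can be given a different list, which is the isolation the message asks for.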