Re: Proposal: deregulate secteam, random team

From: Bryan Drewery <bdrewery_at_FreeBSD.org>
Date: Tue, 6 Mar 2018 10:38:17 -0800
On 3/5/2018 1:08 PM, Bryan Drewery wrote:
> I seem to recall for Poudriere that any kind of
> web server with a server-side application was verboten by secteam at the
> time but that kind of blanket rule was just unhelpful and lazy.

I should not have used the word "lazy" here.  I picked a bad word and
should have been more clear that 1 person can never keep up with the
demand and must force compromises like this to move forward.  In the
bigger picture secteam isn't responsible for the cluster systems,
clusteradm is. So clusteradm should be the one to enforce what is
allowed on their systems rather than the security team since they have
to maintain and keep them secure.  The security team should be a
resource for security reviews but not a final say in all regards.

-- 
Regards,
Bryan Drewery


Received on Tue Mar 06 2018 - 18:38:22 UTC