Martin Schulze wrote: > I have some problems with this approach since being able to commit > to webwml means being able to execute arbitrary code on www-master > which is currently the same as security-master. Thus, having only > limited write access and a controlled way to expand this, is actually > a feature, imho.
A very good point. Especially since translators can also in theory run arbitrary code on www-master right now, which doesn't seem desirable, especially for the ones who are not DDs. Is there any reason why the build has to happen on www-master? For the installation manual and release notes, my understanding is that the building happens elsewhere (such as on alioth) and the content is then synced over to www-master. A side benefit of doing that, besides security, is that committers who cannot access www-master can still debug website build issues and even launch a new build if necessary. -- see shy jo
signature.asc
Description: Digital signature
