Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
dijit
9 days ago
|
parent
|
context
|
favorite
| on:
GitHub is investigating unauthorized access to the...
in my org, devs don’t have access to customer data directly, and sysadmins don’t have access to modify code.
It’s a simple rule from a simpler time, to limit the risk of total compromise.
help
Arbortheus
9 days ago
[–]
Repos should not contain customer data.
reply
dijit
9 days ago
|
parent
|
next
[–]
Private Repos, in githubs case, might
be
customer data.
reply
rgblambda
9 days ago
|
parent
|
prev
[–]
I think this might be more aimed at ensuring that if an attacker gains access to cloud login credentials via a compromised dev machine, those credentials can't then be used to access customer data.
reply
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
It’s a simple rule from a simpler time, to limit the risk of total compromise.