Skip to content

Create lesser admin role #2135

@ammario

Description

@ammario

Problem statement

Our admin user has full shell access to every workspace, letting them steal secrets and manipulate workspaces at will. We have clear instructions from our customers that this is a Big Bad. Our major deployments will disable the existing admin users and will want a lesser admin role.

Definition of done

There is a lesser role than the current admin role, without the ability to enter the workspace's terminals. The current admin role is renamed to something more specific.

Suggestions

I propose we rename "admin" to "root" or "deployer". I prefer "root" since everyone knows you're not supposed to use "root", except transiently. Everyone also knows "root" is dangerous.

There is some precedent for this pattern in GitHub Enterprise, which has a special deployer access panel that is not associated with any user.

cc @Emyrk

Originally posted by @ammario in #2108 (comment)

Metadata

Metadata

Assignees

Labels

apiArea: HTTP APIsiteArea: frontend dashboard

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions

    pFad - Phonifier reborn

    Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

    Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


    Alternative Proxies:

    Alternative Proxy

    pFad Proxy

    pFad v3 Proxy

    pFad v4 Proxy