
> Such access should be restricted (requiring approval) and logged, of course, but it's difficult to eliminate entirely at scale.

It’s not clear how you could practically enforce this requirement if devs just have the raw key on their workstations.




Would be nice to use a multi-sig, so the dev would need their key, which they always have access to, plus a key from an approver.



