Profile Applicability:
Level 1
Description:
Access to push new code or merge changes into protected branches must be limited to designated individuals or teams. This restriction ensures that only authorized personnel can modify critical parts of the codebase, helping maintain code integrity and security.
Rationale:
Limiting push and merge permissions reduces the risk of unauthorized, accidental, or malicious code changes. It enforces accountability, supports segregation of duties, and strengthens the overall security posture of the development lifecycle.
Impact:
Pros:
Enhances control over codebase changes.
Reduces risk of unauthorized or harmful code being introduced.
Supports compliance and audit requirements.
Encourages responsible code ownership.
Cons:
May slow down development if permissions are too restrictive.
Requires regular review and management of access controls.
Default value:
By default, no push or merge restriction is in place. On GitHub, a newly created repository has no branch protection rules, so every collaborator with write access can push directly to any branch, including the default branch. GitLab protects a project's default branch by default, but only by role (Maintainer), not by a designated list of individuals or teams.
Audit:
For each protected branch, review the branch protection rule (GitHub: "Restrict who can push to matching branches" in a branch protection rule or ruleset; GitLab: the "Allowed to push and merge" and "Allowed to merge" settings of the protected branch) and confirm that the allow list contains only the designated users or teams and that administrators are not exempt from it. Confirm that unprotected branches in scope have a rule at all. Review the audit log for changes to protection rules and for direct pushes or force pushes to protected branches.
Remediation:
Add a branch protection rule (or ruleset) to every branch in scope that restricts who can push and merge to named teams or users, applies to administrators as well, and disallows force pushes and branch deletion; require changes to arrive through reviewed pull or merge requests. Manage the allow lists through teams rather than individual accounts where possible, review them on a fixed schedule and whenever people change roles, and document the policy so contributors know why direct pushes are refused.
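The Audit and Remediation steps above, as an added example (not CIS, GitHub or GitLab code): a checker that evaluates one branch's GitHub REST branch-protection object against this control, and a builder for the PUT payload that remediates it. Field names follow GitHub's `GET`/`PUT /repos/{owner}/{repo}/branches/{branch}/protection` API; the two sample protection objects and the team slug `release-managers` are constructed for illustration.

```python
# Added example, not code from the CIS benchmark or from GitHub: audit a branch
# protection object and build the remediation payload. Field names follow
# GitHub's REST API for GET/PUT /repos/{owner}/{repo}/branches/{branch}/protection.
import json
from typing import Any, Dict, List, Optional


def _allowed_pushers(restrictions: Dict[str, Any]) -> List[str]:
    """Flatten the users/teams/apps allow list of a 'restrictions' object.

    A GET response lists objects ({"login": ...}, {"slug": ...}); the PUT body
    uses bare strings. Both shapes are accepted here."""
    names = []
    for kind, key in (("users", "login"), ("teams", "slug"), ("apps", "slug")):
        for entry in restrictions.get(kind) or []:
            names.append(f"{kind}:{entry.get(key) if isinstance(entry, dict) else entry}")
    return names


def evaluate_branch_protection(protection: Optional[Dict[str, Any]]) -> List[str]:
    """Return findings for one branch; an empty list means it passes.

    `protection` is the decoded GET response, or None when the API answered
    404 'Branch not protected' (no rule exists at all)."""
    if protection is None:
        return ["no protection rule: every collaborator with write access can push"]
    findings = []
    restrictions = protection.get("restrictions")
    if not restrictions:
        findings.append("no push restrictions: every collaborator with write access can push")
    elif not _allowed_pushers(restrictions):
        # Legal on GitHub (nobody but bypassing admins can push), but worth a look.
        findings.append("push restrictions set but the allow list is empty")
    if not protection.get("enforce_admins", {}).get("enabled"):
        findings.append("repository administrators bypass the restrictions")
    if not protection.get("required_pull_request_reviews"):
        findings.append("merges do not require a pull request review")
    if protection.get("allow_force_pushes", {}).get("enabled"):
        findings.append("force pushes are allowed")
    if protection.get("allow_deletions", {}).get("enabled"):
        findings.append("branch deletion is allowed")
    return findings


def build_protection_payload(teams=(), users=(), apps=(), required_approvals=1) -> Dict[str, Any]:
    """Body for PUT .../branches/{branch}/protection that restricts pushes to the
    named teams/users/apps (push restrictions need an organization-owned repo),
    applies the rule to admins and requires reviewed pull requests.
    The first four keys are mandatory on PUT, so they are always present."""
    return {
        "required_status_checks": None,
        "enforce_admins": True,
        "required_pull_request_reviews": {
            "required_approving_review_count": required_approvals,
            "dismiss_stale_reviews": True,
        },
        "restrictions": {"users": list(users), "teams": list(teams), "apps": list(apps)},
        "allow_force_pushes": False,
        "allow_deletions": False,
    }


# Constructed sample: a branch whose only protection is one required review.
WEAK_PROTECTION = {
    "enforce_admins": {"enabled": False},
    "required_pull_request_reviews": {"required_approving_review_count": 1},
    "allow_force_pushes": {"enabled": True},
    "allow_deletions": {"enabled": False},
}

# Constructed sample: what GET returns after applying
# build_protection_payload(teams=["release-managers"]) to the branch.
HARDENED_PROTECTION = {
    "enforce_admins": {"enabled": True},
    "required_pull_request_reviews": {"required_approving_review_count": 1,
                                      "dismiss_stale_reviews": True},
    "restrictions": {"users": [], "teams": [{"slug": "release-managers"}], "apps": []},
    "allow_force_pushes": {"enabled": False},
    "allow_deletions": {"enabled": False},
}

if __name__ == "__main__":
    for name, prot in (("unprotected", None), ("weak", WEAK_PROTECTION),
                       ("hardened", HARDENED_PROTECTION)):
        print(f"{name}: {evaluate_branch_protection(prot) or 'OK'}")
    print(json.dumps(build_protection_payload(teams=["release-managers"]), indent=2))
```

Against a live repository, feed `evaluate_branch_protection` the output of `gh api repos/OWNER/REPO/branches/main/protection` (pass `None` when that call returns 404 "Branch not protected"), and apply the builder's output with `gh api --method PUT repos/OWNER/REPO/branches/main/protection --input payload.json`. The same checks map onto GitLab's protected branches API, where `push_access_level` and `merge_access_level` (plus explicit `allowed_to_push`/`allowed_to_merge` entries) play the role of `restrictions`.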
References:
GitHub Branch Protection and Access Control: https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/about-protected-branches
GitLab Project Members and Permissions: https://docs.gitlab.com/ee/user/permissions.html
CIS Controls v7, Control 6 - Maintenance, Monitoring, and Analysis of Audit Logs: https://www.cisecurity.org/controls/maintenance-monitoring-and-analysis-of-audit-l