Introduction
A GitHub Organization lets you set the default (base) permission that new users receive when they are added to the organization. The options are No permission, Read, Write, and Admin: No permission provides no access, and Admin gives complete access. To decrease operational overhead and to give valid users read access to the code without the ability to edit or modify it, GitHub Organization uses a minimum permission of Read by default for any new member accounts.
From a security standpoint, it is recommended to update this permission to No permission so that when a new user is created, the admin is aware and deliberately assigns one of the permissions to the user.
In this article we will see how to update the Base permissions in your GitHub Organization.
Update Base permissions setting in GitHub
The steps to update the Base permissions setting in GitHub are:
- Log in to your GitHub account
- Navigate to the Organization for which you want to update Base permissions
- On the main page, click on Settings
- Go to Member Privileges
- Under the Base permissions section, click on the dropdown and select No permission
- A pop-up will appear to confirm the action. Click on Change base permission to “No permission”
- This will change the Base permission to No permission
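
The same setting can be checked and changed through the GitHub REST API, where Base permissions is the organization's `default_repository_permission` field. The script below is an added example, not part of the original article; the sample responses are constructed, and `GH_ORG` and `GH_TOKEN` are assumed environment variable names holding the organization login and an organization-owner token.

```python
import json
import os
import urllib.request

API = "https://api.github.com"
FIELD = "default_repository_permission"  # REST field behind the Base permissions dropdown


def _request(org, token, **kw):
    """Build a call to /orgs/{org}; token is an assumed organization-owner token."""
    headers = {"Authorization": f"Bearer {token}", "Accept": "application/vnd.github+json"}
    return urllib.request.Request(f"{API}/orgs/{org}", headers=headers, **kw)


def audit_org(org_json):
    """Classify one GET /orgs/{org} response; "none" is the UI's No permission."""
    login, value = org_json.get("login", "<unknown>"), org_json.get(FIELD)
    if value is None:
        # GitHub returns this field only to organization owners: unverified, not safe.
        return {"org": login, "base_permission": None, "status": "unknown"}
    return {"org": login, "base_permission": value,
            "status": "ok" if value == "none" else "finding"}


def build_fix_request(org, token):
    """Build (do not send) the PATCH /orgs/{org} call that sets the field to "none"."""
    req = _request(org, token, data=json.dumps({FIELD: "none"}).encode(), method="PATCH")
    req.add_header("Content-Type", "application/json")
    return req


def fetch_org(org, token):
    """Live GET /orgs/{org}; needs network access."""
    with urllib.request.urlopen(_request(org, token)) as resp:
        return json.load(resp)


# Constructed sample responses (trimmed), not real organizations.
SAMPLES = [
    {"login": "example-org-a", "default_repository_permission": "read"},
    {"login": "example-org-b", "default_repository_permission": "none"},
    {"login": "example-org-c"},  # field absent: caller was not an owner
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(audit_org(sample))
    org, token = os.environ.get("GH_ORG"), os.environ.get("GH_TOKEN")
    if org and token and audit_org(fetch_org(org, token))["status"] == "finding":
        urllib.request.urlopen(build_fix_request(org, token)).close()
```

Run without the environment variables, it only classifies the constructed samples; with them set, it sends the change only when the live setting is something other than `none`.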

Riyaz Walikar
Founder & Chief of R&D
Riyaz is the founder and Chief of R&D at Kloudle, where he hunts for cloud misconfigurations so developers don’t have to. With over 15 years of experience breaking into systems, he’s led offensive security at PwC and product security across APAC for Citrix. Riyaz created the Kubernetes security testing methodology at Appsecco, blending frameworks like MITRE ATT&CK, OWASP, and PTES. He’s passionate about teaching people how to hack—and how to stay secure.