policy name: repository_no_permission_enforced_by_default
Collaborators in your organizations should receive access to specific organizations and repositories as necessary, and not have read and write access to all repositories across the enterprise.
An adversary will have access to all repositories in the enterprise, instead of just a part of them.
- Make sure you are an enterprise owner
- Go to the Settings page
- Under the ‘Policies’ tab
- choose ‘Repositories’
- Under ‘Base Permission’ choose ‘No Permission’