Gordon Malm <gengor@g.o> posted
200903091617.48682.gengor@g.o, excerpted below, on Mon, 09 Mar
2009 16:17:48 -0700:

> There is an important security aspect to retiring folks - commit
> abilities. Perhaps in the case a dev wants to contribute but cannot in
> the near future their commit privs can just be revoked until such time
> they ask for them to be turned back on? I guess that would be an
> 'extended devaway'?

This is my concern, and one that infra has expressed on occasions when
the topic has come up before. On principle, a stale yet still active
authorization is an authorization just begging to have some cracker
stumble on it. We don't want some still active authorization and key
from two years ago getting stolen and used to try to slip a bad commit
under the radar, where the dev won't have a clue as he's not been active
for years and has forgotten the key was even stashed somewhere /to/ get
stolen.

The six-month retirement thing is a backstop to prevent things like that
from occurring. Maybe an extended "dev-away" mechanism, whereby the dev
just needs to notify devrel that he's going active again (preferably in-
person or with some inside joke or other verifiable mechanism so it's
demonstrably /not/ some cracker simply finding the key), could be
preferred to the whole inboarding, mentoring, etc. process all over again.

Then again, a lot can change in two years. The former dev may not know
about the new EAPIs and other policy and etc. changes, and having taken
the quiz and gone thru the process before, it should be easier the second
time and could be expedited, but there's an argument for still going thru
it, just to start off again on the right foot, as they say. Also, that
time would serve as an intro period between the returning dev and new
ones that have come in since his retirement. So yeah, maybe a somewhat
abridged inboarding is appropriate for a returning dev, but eliminating
it entirely, as an extended dev-away, might be going too far.

-- 
Duncan - List replies preferred. No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master." Richard Stallman