1 |
Doug Goldstein <cardoe@g.o> posted |
2 |
eafa4c130903101013s3bb64404g9e65ca0fc8973021@××××××××××.com, excerpted |
3 |
below, on Tue, 10 Mar 2009 12:13:36 -0500: |
4 |
|
5 |
> So really an effective solution might be for the recruiters/retirement |
6 |
> staff to change a user's shell with a script that spits out a message |
7 |
> that says something to the effect of: |
8 |
> |
9 |
> "You have been inactive for a while. Please contact recruiters to |
10 |
> re-enable your account. This was done as a security measure." |
11 |
> |
12 |
> Obviously a little friendlier would be better but everyone gets the |
13 |
> gist. That'll prevent them from logging into infra boxes and from being |
14 |
> able to do a commit. |
15 |
|
16 |
That does seem to take care of the security side (assuming the cracker |
17 |
can't simply contact recruiters and get reenabled, no verification), yes. |
18 |
|
19 |
That's my biggest concern. However, upon reading rane's replies, his |
20 |
point that if retaking the quizes is hard, they probably DO need the |
21 |
refresh, makes a lot of sense to me as well. |
22 |
|
23 |
But even tho the knowledge aspect applies to every returning dev while |
24 |
the security aspect above is (hopefully) low chance, lack of up-to-date |
25 |
tech and policy knowledge (as addressed by the quizes) at worst breaks a |
26 |
tree for a few hours or a package for perhaps a few months. If Gentoo |
27 |
devs as a group are willing to live with that, so am I as a Gentoo user |
28 |
and Gentoo system sysadmin. It's thus an entirely different level of |
29 |
discussion than that of a relatively lower chance but much higher damage |
30 |
potential security breach, which every Gentoo user (aka Gentoo system |
31 |
sysadmin) therefore has an interest in. |
32 |
|
33 |
-- |
34 |
Duncan - List replies preferred. No HTML msgs. |
35 |
"Every nonfree program has a lord, a master -- |
36 |
and if you use the program, he is your master." Richard Stallman |