Re: It's all about trust
On Mon, 27 Oct 2008, Lucas Nussbaum wrote:
> On 27/10/08 at 16:40 +0100, Raphael Hertzog wrote:
> > On Mon, 27 Oct 2008, Lucas Nussbaum wrote:
> > > > - this process might be too heavy with fine-grained privileges as it would
> > > > require the intervention of many DD each time we have to grant a right
> > > > (when trusting the decision of 2 members with special rights would be enough).
> > >
> > > That's why I don't think that it's a good idea to play with a lot of
> > > different privileges. Privileges should be granted when they are
> > > necessary to do something, and if you are a DD, you should be able to
> > > easily get any privilege you need to do your work. You are already
> > > trustworthy, so there's no need to double-check everything you do.
> > If I advocate someone based on some perl modules, I trust him to handle
> > any perl modules reasonnably well but I certainly don't trust him to
> > package a new library. I do trust some people to refrain from doing stupid
> > things with their DD powers but that kind of trust comes with much more
> > time and interaction. It's not the kind of trust that I would give to
> > anyone that has only proven that he's able to package perl modules. And
> > yet we want to give that contributor some immediate reward for his work.
> If someone is only trustable to package perl modules, shouldn't he be a DM
> instead of a DD?
We might want him to be able to package new perl modules on his own? Where
do you draw the line? If you maintain 20 or 50 perl modules?
Note that my proposal doesn't change much to that problem except that when
one gets granted the extended rights for this specific reason, that
pseudo-contract between the community managers and the contributor
would/could be more explicit and the contributor would be informed that we
expect him to go through sponsors when he decides to package something
else than perl modules.
Le best-seller français mis à jour pour Debian Etch :