[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Debconf-discuss] pentabarf host access



Hi

as you may have read some time ago we got a group of people together who
work on our pentabarf (the conference management software). That took a
huge amount of load away from me, as I am basically only the one who
needs to sync the fixes from svn to the host where our install runs, the
real work of coding is done by other people.

Now, this still depends a lot on me, which is something I try to
minimize, its better when others are able to do work too. So my *long*
term plan is to give other(s) the rights to do that point. Currently the
best candidate for that is Torsten Werner who is doing all the coding
for our changes to pentabarf, but read on.


I havent done this right away with the start of the debconf-pentabarf
team, for various reasons, which also will defer it for some more time,
probably until DebConf7:

 - The site is in production use since some time already and should have
   as less as possible outage as possible, so changes should be tested.

 - The site holds personal data of all people that registered for
   DebConf. Which means we should be *really* conservative about who we
   allow to access it. Currently thats only the admin group (via the
   host itself) and Moray and Neil (via the pentabarf interface for it).

   This point is also the reason why I wont go and simply allow the
   whole debconf-pentabarf team to access it. We want to be able
   to add more people to it, when they want to help coding, without
   thinking about the privacy issues with the personal data.


Right now I see the diff for every change before it is applied. I am the
one who restarts the server to get new code in production use,
etc. Which means there is a good level of control before something gets
used, and the privacy of the data users enter[ed] is as high as
possible[1].


So I would like input on

  what others think how far I should keep this paranoia and restrict
  access to the host/the data? My personal control-freak tells me that
  "as far as possible" isn't far enough, but that keeps it all depending
  on me. Bad. Knowledge and power should be shared if possible.

  how I should select others that can do this part of work.
  Torsten is a candidate due to his good work with code changes, but
  that *may* not mean he should have the access to the machine[2][3].


[1] for a sponsored machine hosted somewhere in the world.
[2] that doesnt mean I dont trust him. I cant judge that yet, as I
    havent worked much with him up to now, which is also a reason that I
    defer real action on this until DC7.
[3] And if one follows this way of thinking about it - why do have I
    full access? Yes, I set it up and run it, but am I trustable?

-- 
bye Joerg
[...] some would argue that too much free beer with hamper your ability to free
speech; this is an opinion.

Attachment: pgp68cyg8FHcT.pgp
Description: PGP signature


Reply to: