[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Savannah-hackers] Re: savannah account

From: Joel N. Weber II
Subject: [Savannah-hackers] Re: savannah account
Date: Tue, 27 Aug 2002 20:45:08 -0400

   This is not really an exception that someone have a particular account
   and particular rights. But while someone have problems using savannah,
   if he thinks he have a special access but havent any informations
   about it, we can think that he does not really requires this special
   access and so it is really possible that he does not anymore have this
   special access.

It used to be the case that anyone who had previously been FSF
programming staff and wanted root access was trivially given root
access, as far as I could tell.  I don't believe I've ever seen any
clear evidence that we think it's terribly likely that there was
anything problematic about that de-facto policy, and people have
always used this level of access to get useful work done.  There has
never been a need to figure out exactly *why* someone needs this level
of access, because it is always the case that sooner or later, life
will be much less frustrating as a result of that access being

It's not surprising that people have little patience when the apparent
policy is changed without any advance notification, or discussion as
to whether it's a reasonable policy.  And decent leadership book will
tell you that if you're going to make a decision that affects people,
that it's worth getting their input, and considering it.

It seems like the spirit has changed, too.  sysadmin.texi had this
text at one point, I'm not sure if it still does:

   The GNU Project stands for freedom of access and sharing of resources.
   In general, security exists only to prevent crackers from making our
   lives painful; and we generally try to avoid fascist security that makes
   our own lives painful without significantly inconviniencing crackers.
   In evaluating any possible security measure that we might wish to take,
   there are several factors to consider: the difficulty for the sysadmins
   to initially set things up, the difficulty for users, and the
   improvement of security.  If something improves security and it is easy,
   we should do it.  If a security measure makes life inconvinient, we
   should do it only if it produces a considerable improvement in security.

(The spelling there mistakes are my fault, I think.)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]