2011/3/7 Michael Scherer <[email protected]>: > > Depend on the havoc that could be done by someone stealing a unused account. > > Someone posting on the forum under a false name will generate lots of drama, > but nothing critical. The same goes for bugzilla, or any ml. > Now, someone moderating a forum and wrecking havoc would be > more problematic. The same goes for svn/git/packages/translation/etc. > > Maybe it is simple to remove membership from all group, except those seen as > unsensitive ? ( ie, everything except default users group ). > > We also need to see when do we remove such access. IE, if someone after X > months > decide to find interest into doing stuff that requires Y privileges, > what should happen ? > > - let him do it without asking ( keep Y privileges ) > - need to ask to have his privileges back > - need to redo the whole system from start ? > > I guess that depending on X and Y, of course, and so we need to have first a > list > of Y. > > Let's try with that : > - commit to developper svn > - commit to packages svn > - submit packages > - commit to web svn > - modifiy ldap > - do sysadmin stuff ( log everywhere, touch to config ) > - planet subscription > ( insert bugzilla stuff ) > ( insert blog privs ) > ( insert i18n stuff ) > ( insert forums stuff ) > ( isert missing stuff ) > > I assume that we can all agree that a leader/deputy/board member resiging > will have > board/leader/deputy access removed. > > > Kharec, maybe you have something to recommand to us, with regard to > your account ? > ( after all, you are the one who is mainly impacted, so it would be > quite unfair to not have your opinion taken in account )
Not really matching my previous statement about "sleep time", but IMHO the easiest and also a clear cut situation could be: 1. keep his Mageia identity 2. but remove all privileges which go beyond a "user's" permission. "User's permissions" as being defined by what a normal user can do: - read all MLs, forum, wiki - write forum posts, edit wiki pages In other words: he is able to follow every step Mageia takes, the progress in his field of contribution, etc. He can stay up-to-date and can jump in again any time he wants. The benefit of having been a contributor before show when he returns: He only has to express his born again interest in contributing, after that the people in charge (sysadmin, team leaders, etc.) can just restore all his former permissions. This may sound a bit harsh but it is - easy to handle for the admins, - easy and clear for the contributor/user to understand what he is entitled to do and what not, - easy to handle on return of the contributor. -- wobo
