On Wed, Apr 01 2015, Jeremy Stanley wrote: > Responsibilities not tied to specific controls in our tools do exist > in abundance, but they tend to be more fluid and ad-hoc because in > most cases there's been no need to wrap authorization/enforcement > around them. What I worry is happening is that as a community we're > enshrining the arbitrary constructs which we invented to be able to > configure our tools sanely. I see this discussion as an attempt to > recognize those other responsibilities as well, but worry that > creation of additional unnecessary authorization/enforcement process > will emerge as a "solution" and drive us further into pointless > bureaucracy.
+1 We never used so fine grained ACLs in Ceilometer. If a person knows enough about the project, sounds responsible and is helping, then I'm giving him/her the rights to help the project. Which usually includes all the right so that person is not blocked by some ACL if he/she wants suddenly to give his/her advice on a piece of code or triage some bugs. I've never seen big mistakes, and we don't have a lot of unrecoverable mistakes. In the end I prefer to give forgiveness than permission. -- Julien Danjou /* Free Software hacker http://julien.danjou.info */
signature.asc
Description: PGP signature
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
