On 25/04/2012 03:52, Pedro Sanchez wrote:

It really amazes me how much we distrust the people who have been
doing a great work (otrs admins, ombudsmen, etc).

And all upon contrived hypothetical scenarios.  "And how about one of
the root-access devs is secretly working for the goverment of... is
anyone working on a solution for this?"

On 25/04/2012 20:35, Casey Brown wrote:
> Nothing will ever be perfect though. For example, the mailman mailing
> list that they currently use can easily be accessed by anyone with the
> root mailman password. The list of people with that password is very
> small -- and is mostly restricted to sysadmins and high-level staffers
> -- but there are still people who can hypothetically access it without
> anyone knowing. It's more an issue of minimizing risk than eliminating
> it.

The main difference is the target of an ombudsman commission investigation are generally not (if at all) sysadmin, but CU, bureaucrat, admin, abcom & oversight. Out of the 12 OTRS admin, 5 are oversighter with 3 CU, and multiple bureaucrat & admins. Having the main potential target of your investigation able to access your primary communication channel used to discuss such investigation without audit record is just not a good idea.

Of course it's all very well believing in the good work and ethics of those currently with those type of rights. However it's a different issue entirely to assume there will never be a bad apple. If that's your attitude, then it have to follow that you believe the ombudsman commission is superfluous.


Experience is a good school but the fees are high.
    - Heinrich Heine

Wikimedia-l mailing list
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l

Reply via email to