Le 16/02/2017 à 11:31, Vi to a écrit :
> Dealing with staffs they are way so close to more serious stuffs than the
> mediawiki user interface, so I wouldn't care about their on site accesses.
> Root access to db, squid data, mailman, physical access to residuals of old
> identification system, subpoena etc (even random paper sheets left on the
> top of a desktop) is, to me, way more serious than being able to make some
> noise in a fairly controlled environment
> <https://meta.wikimedia.org/w/index.php?title=Special%3ALog&type=&user=&page=User%3APreilly&year=&month=-1&tagfilter=&hide_thanks_log=1&hide_patrol_log=1&hide_tag_log=1>
> .


I have some of the access you describe and had them for more than a
decade. Partly as a volunteer in the early days, nowadays as a
contractor to the WMF.   I have been following the whole thread, let me
highlight a bit about the technical side of it since you mention site

Those accesses are granted solely for technical reasons. It has always
be made clear to me that technical people should NOT use their rights to
mess with the sites community. All the rest is the role of Support &
Safety, Community Liaisons, Legal, ArbCom or whatever else. They are way
better than us to gauge how to interact with people, and heck it is
their job!

In the very early days there were no staff and I eventually got granted
access after lot of online discussion and ultimately with an half an
hour phone call from France to Australia. (hello Jeronim). I guess it
was a matter of trust.

Nowadays that is legally enforced with Non Disclosure Agreement, Server
Access Responsabilities. For contractors a commercial contract, for
staff with an employment contact and all the associated laws.

A standard in the industry is that people only have a slice of rights
granted to them.  They should be limited to the sub set of accesses that
let them do their work. Any requests for more has to be justified and
goes via a quarantine period to make sure it is properly endorsed.

* I do not have access to mailman , cache logs nor I have root on
databases. When I need informations from such systems, I ask them to
people who have the access. They will either deny my request or get the
informations and deliver them back to me.

* I do have access to the databases of the public wikis. So I can for
example help a user to recover access to their account (there is a
process for that) or do the equivalent of CheckUser when one script bot
is threatening the infrastructure.

Only a few people do have all the technical accesses. They have process
and follow them. So if we have a process to revoke someone access, they
will make sure the requirements have been fulfilled (eg: signed by Legal
or C-level) and do their duty.  Their job is not to question whether the
revocation is justified, their role is to make sure that it is the
proper person asking for the revocation and then just do it.  They might
have personal feeling, might do the revocation against their own will.
In the end they act.  And having witnessed that first hand a couple
times, it is not fun at all, but that is the part of the job.

As a side note, all the people I know having such accesses are heavy
defender of privacy. Up to a point we end up all being very paranoid.

Antoine "hashar" Musso
"dont forget: be bold!"

Wikimedia-l mailing list, guidelines at: 
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and 
New messages to: Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, 

Reply via email to