leon.p.smith at gmail.com
Tue Sep 4 01:35:33 CEST 2012
On Mon, Sep 3, 2012 at 4:20 AM, Erik Hesselink <hesselink at gmail.com> wrote:
> I think that the eventual situation should have per-package uploaders.
> It just seems to dangerous for anyone to be able to upload any
> package, especially heavily-used ones.
I think you underestimate the power of non-technical security measures.
It's not been a problem in the past, and Debian allows any committer to
upload any package.
The thing is, since we have an account approval process and that we have a
full, public log of everything that everybody's uploaded, people are
going to notice when somebody uploads something they shouldn't. We have
accountability, unlike a typical FTP site or other mutable filesystem.
Also, remember Linus Torvald's justification for not having any commit
bits in git; I think our situation is different but similar. If
somebody does upload something they shouldn't, to what degree is it really
a problem? Again, data is not lost, and we have accountability.
> On the other hand, I see little
> use for the global uploaders group. So I'd propose to eventually
> switch from the current situation, and have only per-package
> uploaders, and no global uploaders.
As a LtU admin (something more of a nightclub bouncer, really), I dislike
the current Hackage 2 user account process in a lot of respects. But the
approval process has worked remarkably well for LtU, we haven't had a
single spam message since requiring account approval before posting. (I
hope I haven't failed to approve too many legitimate requests... but at the
same time, if somebody really wants an account they can try again or
Also, we haven't had a single problem that I'm aware of on Ross Paterson's
watch as bouncer for Hackage 1. The point I'm trying to make is that a
technical solution imposes additional administrative and technical overhead
whereas social processes can also be very effective while also handling
corner cases more gracefully.
I've been working on a very rough sketch of a web application for the
workflow I'd like to have in this account request/approval process.
Hopefully I'll have some code to show soonish, but I have a lot on my
plate this week.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cabal-devel