Jesse Keating wrote:
On Friday 20 October 2006 10:58, Warren Togami wrote:
What prevents somebody from creating a project and checking in sources
that are highly illegal?
CLA and some group membership that requires sponsorship would be more
than sufficient to guard against this. cvsextras would be a good
starting point.
Which certainly sounds like "bureaucratic hassles or delays" to me. First a
user has to get a CLA, then somebody has to sponsor them to be added into a
group, and wait for propagation.
My point being that we can't have any sort of self protection without
bureaucratic processes.
Existing trusted users (who are quite numerous and membership expands at
a good rate) would have free reign without bureaucratic overhead to
create projects and repositories. They could grant commit access to
others, and be responsible for content in repositories that they own.
I see this as a good balance that both allows flexibility of developers
to do what they want, with an effective amount of risk mitigation.
Warren Togami
wtogami@xxxxxxxxxx
_______________________________________________
fedora-advisory-board mailing list
fedora-advisory-board@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-advisory-board
_______________________________________________
fedora-advisory-board-readonly mailing list
fedora-advisory-board-readonly@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-advisory-board-readonly
