On Sat, Dec 4, 2010 at 6:58 PM, Ricky Elrod <codeblock@xxxxxxxx> wrote: > I kind of agree with your levels of trust there, but one thing I notice > (that Mike/mmcgrath has pointed out before) is that we get a lot of > people who show interest, get access to some subset of systems > (like -noc, or -test), and then never use it, and just fade out. Or > they send out their introduction email, but never join on IRC > and never actually get involved. > I realize -test is kind of more public than the rest, but I think we > should occasionally go through -test and -noc and see who all > has faded out/not used their access. I'd rather people come back > in a month asking to be re-sponsored into a group than have access > to things just hanging there, and never be used. The more access, > the more entryways into the servers, and the more security risk. I don't disagree I guess I thought it just happened based on this: http://fedoraproject.org/wiki/Infrastructure/GettingSponsored#Grounds_for_removal Actually 6 months seems a bit 'long' to me. Perhaps that should change to 1 or 2 months. Trust and competence are important, and aren't necessarily erased by a few months difference, but with the rate of change, things can significantly change in the environment, and that's worth the extra effort of getting 'reacquiainted' before getting access back. Perhaps we also set a minimum time for people to get sponsored - eg, you get read only access, but that expires in 90 days - and we purge that access. You can reapply of course, but that would keep people from continuing to login perpetually with RO access. _______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
