On Wed, Dec 23, 2020 at 12:37 AM Peter Robinson <pbrobinson@xxxxxxxxx> wrote: > > On Wed, Dec 23, 2020 at 12:20 AM Kevin Fenzi <kevin@xxxxxxxxx> wrote: > > > > On Tue, Dec 22, 2020 at 11:22:17PM +0000, Peter Robinson wrote: > > > On Tue, Dec 22, 2020 at 11:02 PM Kevin Fenzi <kevin@xxxxxxxxx> wrote: > > > > > > > > On Tue, Dec 22, 2020 at 10:29:11PM +0000, Peter Robinson wrote: > > > > > > > > > > I think what ever process is run at the point their account is > > > > > disabled should revoke all privileges, that's a fairly standard IT > > > > > security procedure. > > > > > > > > There's no process for packages/provenpackagers. > > > > > > > > We do have a process for infrastructure/sysadmins: > > > > https://docs.pagure.org/infra-docs/sysadmin-guide/sops/departing-admin.html > > > > > > > > But it only triggers when we _know_ someone isn't contributing anymore > > > > (they tell us, etc). > > > > > > How were the accounts disabled though? Is there a process for that or > > > how did that happen in this context? > > > > Accounts can be disabled two ways: > > > > 1. The user logs in and marks the account 'inactive'. To change this > > back to active they have to reset their password and login again and > > change it back. > > > > 2. An admin can change users to 'disabled' where they cannot change that > > without intervention. > > In both cases all ACLs should be removed, if in the former they wish > to have what ever access back there can be a documented process to > file a ticket for it. Just to expand on this a little. Removing access from people that have left the project either because they've decided they're able to continue to contribute (option 1) or because something has triggered an admin process (option 2) isn't a slight on the person involved in any of this process and removing a well earned ACL doesn't remove any of the contributions or the value they provided in the past. But we have to realise than inactive accounts may mean associated inactive email addresses or other things associated with a person which may be open to compromise as well and we need to protect the project as a whole as after-all if a fellow contributor has moved on to better things account is used to comprise everything where does that leave us? Group membership is easily re-instated, trust after a security compromise.... not so much! Peter _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
