[Wikimedia-l] ombudsmen commission

Katie Chan ktc at ktchan.info
Wed Apr 25 21:44:46 UTC 2012


On 25/04/2012 03:52, Pedro Sanchez wrote:
>
> It really amazes me how much we distrust the people who have been
> doing a great work (otrs admins, ombudsmen, etc).
>
> And all upon contrived hypothetical scenarios.  "And how about one of
> the root-access devs is secretly working for the goverment of... is
> anyone working on a solution for this?"

On 25/04/2012 20:35, Casey Brown wrote:
 >
 > Nothing will ever be perfect though. For example, the mailman mailing
 > list that they currently use can easily be accessed by anyone with the
 > root mailman password. The list of people with that password is very
 > small -- and is mostly restricted to sysadmins and high-level staffers
 > -- but there are still people who can hypothetically access it without
 > anyone knowing. It's more an issue of minimizing risk than eliminating
 > it.
 >

The main difference is the target of an ombudsman commission 
investigation are generally not (if at all) sysadmin, but CU, 
bureaucrat, admin, abcom & oversight. Out of the 12 OTRS admin, 5 are 
oversighter with 3 CU, and multiple bureaucrat & admins. Having the main 
potential target of your investigation able to access your primary 
communication channel used to discuss such investigation without audit 
record is just not a good idea.

Of course it's all very well believing in the good work and ethics of 
those currently with those type of rights. However it's a different 
issue entirely to assume there will never be a bad apple. If that's your 
attitude, then it have to follow that you believe the ombudsman 
commission is superfluous.

KTC

-- 
Experience is a good school but the fees are high.
     - Heinrich Heine



More information about the Wikimedia-l mailing list