[Wikimedia-l] ombudsmen commission
Katie Chan
ktc at ktchan.info
Wed Apr 25 21:44:46 UTC 2012
On 25/04/2012 03:52, Pedro Sanchez wrote:
>
> It really amazes me how much we distrust the people who have been
> doing a great work (otrs admins, ombudsmen, etc).
>
> And all upon contrived hypothetical scenarios. "And how about one of
> the root-access devs is secretly working for the goverment of... is
> anyone working on a solution for this?"
On 25/04/2012 20:35, Casey Brown wrote:
>
> Nothing will ever be perfect though. For example, the mailman mailing
> list that they currently use can easily be accessed by anyone with the
> root mailman password. The list of people with that password is very
> small -- and is mostly restricted to sysadmins and high-level staffers
> -- but there are still people who can hypothetically access it without
> anyone knowing. It's more an issue of minimizing risk than eliminating
> it.
>
The main difference is the target of an ombudsman commission
investigation are generally not (if at all) sysadmin, but CU,
bureaucrat, admin, abcom & oversight. Out of the 12 OTRS admin, 5 are
oversighter with 3 CU, and multiple bureaucrat & admins. Having the main
potential target of your investigation able to access your primary
communication channel used to discuss such investigation without audit
record is just not a good idea.
Of course it's all very well believing in the good work and ethics of
those currently with those type of rights. However it's a different
issue entirely to assume there will never be a bad apple. If that's your
attitude, then it have to follow that you believe the ombudsman
commission is superfluous.
KTC
--
Experience is a good school but the fees are high.
- Heinrich Heine
More information about the Wikimedia-l
mailing list