Please audit the accounts of the following individuals, and remove then from any permissions that are specific to Board of Director duties. Err on the side of removing too much, I'd say, since presumably that can always be added back.
Jim Perrin Karanbir Singh Fabian Arrotin Ralph Angenendt Karsten Wade Carl Trieloff
Thank you.
Hi Rich .. can you come with some specific permissions you'd like to see removed ? for example, do we have to remove their @centos.org email alias ? (that was granted to centos board members in the past)
Metadata Update from @arrfab: - Issue assigned to arrfab
Metadata Update from @arrfab: - Issue priority set to: Waiting on Reporter (was: Needs Review) - Issue tagged with: centos-common-infra, need-more-info
In my opinion (if that matters), someone who is an active CentOS dev should keep using the @centos.org address. I don't think it is exclusively associated with the board members. :)
Well, this is part of the difficulty, I guess - we're not at all sure what permissions are associated with these accounts. @bstinson suggested in the board meeting that perhaps auditing what these are would be the right start.
For your specific question, no, I absolutely don't think we should drop @centos.org addresses, since these people remain valuable ambassadors for the project, and those email addresses may already be out there "in the wild" as a way to contact them. Also, there's no security risk for them to retain them.
It was suggested that in the past, board members automatically got root a bunch of places. I have no actual knowledge whether, or to what degree, that is true, but that would be once thing to (probably) review, if there's no longer a legitimate reason for them to have those permissions.
What other permissions do these accounts have?
The following rights were modified:
Metadata Update from @arrfab: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Log in to comment on this ticket.