|
Grex > Coop13 > #363: The Temporary Cross Root Incident Item | |
|
| Author |
Message |
| 25 new of 128 responses total. |
vivekm1234
|
|
response 25 of 128:
| 
Sep 24 05:55 UTC 2006 |
Re #13: "I do not feel that Steve's actions with revoking Mic's access were
in any way justified. If he felt that there was some threat to the system at
the time, then perhaps, but I find it utterly perplexing that Steve could think
such a thing."
Steve's personal feelings towards you or spooked are irrelevant. Let's say that
spooked, you and steve were the best off pals and long time associates and
steve knew for a fact that there was no way his friend of many years would hack
Grex, but you did not have staff approval for root access. The situtaion would
still demand that he kick both of you out. Why? Because if he didn't it would
reek of cronyism! Steve the individual does not matter and his friendships,
opinions etc on two individuals are ir-relevant! He should be a robot with no
feelings what so ever on the matter! Possible security breach, lockdown the
box, kick out all concerned, report to staff and let them settle the matter.
Try to understand what i'm saying Dan - Steve may respect you a lot, but
without a unequivocal YES from staff the only thing he can and should do is to
kick you out and spooked and shove the matter to staff for resolution!
He certainly should have sent email immediately to staff and to cross and
spooked! Some thing like: "Hello, cross isn't a part off staff and spooked has
given him root access. I feel this is a violation of Grex policy, therefore
i've locked them both out. Sorry guys, it's unlikely that the both of you were
upto mischief but given the circumstances it's best that staff sorts this out."
Has he done that?
Since cross feels Steve was rude to him, a quick post from Steve ought to
settle the matter. "Hey Dan, didn't mean to appear rude. Your help is
appreciated but i got to follow protocol or we will get hunted down by hungry
lawyers!"
Re #18 #21: Don't muddy the waters with opinions minus validating data. Don't
try to mind read: "steVE would probably had done nothing had he seen valerie
with root privileges last night."
Steve's competence wrt cross is not under discussion, offering that as a
argument is illogical. The question under debate here is whether Steve was
right in disabling spooked/cross's access when they did not have staff
approval. Frankly i think cross should be on staff!! But that's not the point!
I think a lot of people are allowing personal prejudices to cloud judgement!
You don't like steve and like cross and you find staff difficult to deal with
etc etc, ergo Yay cross! Boo Steve! Plus the under dog factor is at work -
cross isn't authority, does cool stuff, young, wants to change things and that
has appeal but i suspect that he MAY not be as level headed as say remmers!
(mind you that's off the cuff..).
I feel that heaving cross into staff should solve the problem! He gets to do
cool stuff under a watchful eye <g>
|
cross
|
|
response 26 of 128:
|
Sep 24 06:01 UTC 2006 |
Well, at least someone still thinks I'm young.
The issue at hand is that the policy is not clear. Mic (and I) clearly
interpreted it one way, Steve the other. Are you suggesting that anytime
someone does something where someone else interprets the relevant policy
differently, they should be locked out of the system? Even less will get done
than ordinarily around here....
|
gelinas
|
|
response 27 of 128:
|
Sep 24 06:26 UTC 2006 |
Dan, "root access, granted within set parameters" is neither limited nor
limitable, *EXCEPT* by trust. There is no other way to enforce the 'set
parameters.'
That trust requires Board consent. *That's* what the policy says.
Yeah, setting up setuid requires root access. So someone *else* should have
installed your changes, were they to be installed.
|
vivekm1234
|
|
response 28 of 128:
|
Sep 24 07:49 UTC 2006 |
Re #26 I totally agree with you that the blasted policy is unclear and needs
to be updated immediately! I also don't fault you or Mic in this matter! Both
of you are the unfortunate victims here! I can't think of anything more
unpleasent than being barged off, especially after contributin stuff the way
you have! I also feel that "staff" and possibly "steve" should make it clear,
in no un-certain terms, that your help is appreciated and valued! Certainly
a apology from "staff" is in order - after all they have caused the ambiguity!
"Are you suggesting that anytime
someone does something where someone else interprets the relevant policy
differently, they should be locked out of the system?"
It's not a question of "someone else interprets the relevant policy
differently"! Steve isn't a random someone! He is in-charge of the day to day
running of Grex. In tod's words "Grex IS his baby", from the day-to-day running
point of view. If he feels that he should kick out someone that's his
prerogative! He is only responsible to the board! He can kick out remmers,
mdw,spooked,janc or just about anyone if he sees it fit to do so, but he'd
better have logic backing him up or the board will chew him up.
What i'm saying in no uncertan terms is this: Steve has the right to do
anything! The board/staff decides what is right or wrong. Staff/Board is only
superseded by the US government!
In this particular case, because of the ambiguity in legal interpretation,
staff can't criticize steve or spooked. But i'm willing to bet that they won't
allow temporary access to root without board approval and rightly so i might
add - which does vindicate steve :(. But, they had better offer a rattling good
apology to both spooked and you.
|
spooked
|
|
response 29 of 128:
|
Sep 24 09:09 UTC 2006 |
I suspect an apology is beyond them, but anyhow that's just a reflection
on them - and people can form their own opinion of it.
A couple of things. Somewhere about 8 responses back, someone (naftee I
think) said STeve has half the technical capabilities than cross or
myself. I'm not about to speak for cross, but I can admit through
experience STeve has more experience and technical competency than myself
-- I don't doubt, and never have, his technical competence. However, it
is his attitude and rash reaction which do not sit kindly with me.
Another thing... all this talk about Grex being sued over such a thing is
Hollywood..... please don't add to the over-dramatisation of this very
innocent event. The Bylaw in question here is very open for
interpretation - the fact that at least a few educated individuals have
interpreted it in different ways highlights this. Furthermore, it is
clear that neither cross nor myself were acting maliciously.
I have said enough now on this issue. Let them continue on as they
please. It is sad that initiative and active participation is not cheered
(but rather criticised), but we don't live in a perfect world. There is
more important things in the world than needless drama.
|
glenda
|
|
response 30 of 128:
|
Sep 24 10:11 UTC 2006 |
Re #25: Yes, STeve sent email to the BAFF immediately. He also called me
immediately to have me log into my email to make sure it went through.
|
vivekm1234
|
|
response 31 of 128:
|
Sep 24 11:05 UTC 2006 |
Re #29: No one is saying that either off you "were acting maliciously"!
Anyone saying that needs to get his head checked! All i am saying is
that proper procedure was not followed and that the reason we
have procedure is to cover ass in court. Assuming Grex gets cracked some time
in the future, a clever lawyer would go through the bbs looking to see if
Grex was mis-managed. All these issues would be brought up - look, the truth
is not what "actually happened" it's what "can be proven". Oh! It's all very
unlikely, but why have a policy, board and charter if it's just so much bull?
As for it being Hollywoodesqe: Bleah! I read in the paper, in India - some time
back, that a burglar had sued a home owner for his getting stuck in a chimney
during a burglery attempt <grin>. Also check out: http://www.overlawyered.
com/archives/00nov3.html and search for "Burglar". If that can happen, i'll
argue that anything can happen! <grin>
Anyway, no more posts from my side on this matter. I'm going to spend my
valuable time checking out the cute chicks on
http://www.seedbiology.de/people.asp <g>
|
spooked
|
|
response 32 of 128:
|
Sep 24 11:35 UTC 2006 |
Even if Grex gets cracked, we are not liable.
We have enough disclaimers, and are restricted in the extent to which we
can protect people's privacy... which we have said numerous times/places,
Grex is not the place to come knocking if you want any.
|
cmcgee
|
|
response 33 of 128:
|
Sep 24 13:17 UTC 2006 |
We have policies because we are a group of people who have agreed to associate
under certain terms and conditions. Our policies are mutally agreed upon
"rules" that we believe make this social system stable. We change these
policies by concensus and by democratic votes.
It is not lawyers that drive our social compact. It is our mutual design of
a culture we want to be members of.
|
remmers
|
|
response 34 of 128:
|
Sep 24 15:22 UTC 2006 |
My thoughts:
Since group wheel membership effectively gives root access, there was a
violation of Grex policy. As Gelinas pointed out earlier, there were
other ways this could have been handled from a technical standpoint.
Hopefully this won't happen again.
My understanding is the same as Glenda's regarding the Garage
conference, and probably the same as most other staff members: It's a
place to discuss ideas and provide input on Grex technical issues, not
an official place to make decisions. I think an appropriate and
courteous step to follow before making system changes of this sort is to
alert staff via email or the staff conference, where staff normally
expects these kinds of things to be brought up, allow a few days for
feedback, and then proceed if there's either no feedback or there's a
concensus that it's ok. That's how I proceeded when the issue of
turning off the idle daemon came up a few months ago and I took the
initiative to go ahead with it.
That's my ideal about the way staff should work together. I won't claim
that there isn't more than one person who's violated it in one instance
or another, of course.
|
tod
|
|
response 35 of 128:
|
Sep 24 16:08 UTC 2006 |
re #20
I wonder what would be the response had valerie, another former staff member,
been given root access with such little discussion.
I seem to recall folks blowing off Valerie's ad-hoc mods in /etc way back when
but heaven forbid spooked implements something with a lil backup from cross.
I dunno..its really water under the bridge and I think staff is freaking out
when they cut spooked from being able to help. Its very silly to read about.
|
cross
|
|
response 36 of 128:
|
Sep 24 16:50 UTC 2006 |
Regarding #27, #34; Thanks for the comments, Joe and John. I still feel that
the policy is a bit vague and open to interpretation. However, we can turn
this into a positive by taking it as an opportunity to update the policy to
avoid such disconnects. Further, it would also be a good time to put into
place a policy over when and why a staff member can pull another staff
member's staff access. This really should have been done after the valerie
incident.
Regarding #28; There's one thing I think you need to understand. Steve is
*not* in charge of grex's staff. There is no one "in charge" so to speak of
it; ideally, they make decisions democratically like the rest of grex.
Remmers has just as much "right" to yank Steve's access as Steve has to yank
his (though the mind boggles thinking of a situation in which either would
happen).
And finally, as I've stated many times before, I wasn't going to install
anything on Friday night. I just wanted to poke around and make sure that
*I* understood how much work had to be done.
|
other
|
|
response 37 of 128:
|
Sep 24 19:49 UTC 2006 |
For the record, I think it should be said the STeve's pulling of mic's
staff privileges without discussion even just with mic is an equal
violation to mic's provision of staff privileges to cross without
discussion.
Obviously neither of these actions occurred with ill intent, and I don't
think any punitive response is warranted or desireable. Certainly,
cross is exhibiting the ideal attitude by trying to focus this
discussion on modification of the existing policy to prevent similar
occurrences in the future, and I think that is the angle from which we
should all be approaching this discussion.
To that end, I think the verbage dealing with provision of staff
privileges and system resources should specifically deal with root
privileges both directly and through sudo and wheel group membership.
|
cross
|
|
response 38 of 128:
|
Sep 24 20:14 UTC 2006 |
Thank you, Eric, that nicely summarizes my intent. To puy my earlier response
to Joe and John another way, since Friday, it has become rather clear that
many of grex staff members feel the intent of the present policy bars even
temporary access to root. However, both Mic and I interpreted it differently.
I would like to see the policy reworded to more clearly express the intent
with respect to root access, that's all.
|
spooked
|
|
response 39 of 128:
|
Sep 24 21:48 UTC 2006 |
Yeps... exactly my sentiment Eric. And, I am still without root or staff
privileges -- with no apology, or hint of an apology from STeve or staff.
This type of slap in your face is one aspect (alongwith general
closemindness and contemporary thinking) that discourages newcomers from
joining Grex staff.
I don't think I'm being unreasonable one bit here.
|
cross
|
|
response 40 of 128:
|
Sep 24 22:10 UTC 2006 |
I find the fact that Mic's access has not yet been restored disturbing. Was
this an oversight? Or is it deliberate?
|
nharmon
|
|
response 41 of 128:
|
Sep 25 13:23 UTC 2006 |
I'm deeply troubled when a Grex staffer can just unilaterally decide to
pull someone else's administrative rights in a non-emergency situation
like this. It is a clear usurpation of BoD powers, and constitutes
insubordination.
I am simply appalled.
|
scholar
|
|
response 42 of 128:
|
Sep 25 14:02 UTC 2006 |
What are we losing faster, members or staffers?
|
cross
|
|
response 43 of 128:
|
Sep 25 17:29 UTC 2006 |
Membership has halved in the past few years, but I don't think the same is
true of staff.
|
tod
|
|
response 44 of 128:
|
Sep 25 17:35 UTC 2006 |
re #39
I wouldn't blame you a bit if you resigned your offer to be on staff. It is
one thing to protect the system but entirely another to remove someone from
staff without even communicating or apologizing for the urgency to that
person. Unfortunately, I've seen this behavior in the past amongst Grex staff
and the culture is such that people are too timid to address or correct the
behavior of the longtime participants.
|
naftee
|
|
response 45 of 128:
|
Sep 25 21:59 UTC 2006 |
pretty soon, GreX is going to have fewer active staffers than m-net !
|
cross
|
|
response 46 of 128:
|
Sep 25 22:28 UTC 2006 |
Todd is right. There are multiple issues at here. Not only is there a policy
issue, there's an issue of culture on staff.
|
cross
|
|
response 47 of 128:
|
Sep 25 22:57 UTC 2006 |
I'm concerned that Steve hasn't chimed in here. I think it would be unfair
to draw conclusions without hearing his side of the story.
|
tod
|
|
response 48 of 128:
|
Sep 25 23:00 UTC 2006 |
Perhaps staff should draft some policies on change management (including
protocols for how to handle compliance thereof.) The protocols can include
a process for pushing complaints onto the agenda of a board meeting within
a week's notice and also a process for both parties to submit their paragraph
of response for the board to review.
If the board is unwilling to accomodate staff complaints about abuse against
set procedures then the membership can issue a vote of no confidence against
the offending board members.
|
eprom
|
|
response 49 of 128:
|
Sep 25 23:06 UTC 2006 |
I would like to see a vote of censure at the next board meeting.
|