|
|
|
Agenda for the Sunday, May 15, 2011 Grex Board Meeting
6:30-8:30 p.m. EDT, Big Boy, Plymouth Rd, Ann Arbor
1. Call to Order/Roll Call/Determination of Quorum
2. Approval of Previous Meeting's Minutes
3. Schedule Next Meeting
4. Business
a. Validation/Verification Status
b. Federal Tax Return Status
c. Planning for the Future of Grex, continued
Services, Hardware, Location, Publicity, Membership, Implementation
d. Discussed but not Decided (our list of tabled issues)
5. Status Reports (Staff, Treasurer)
6. Adjourn
24 responses total.
If there are any changes or additions to this agenda, let me know either here or in e-mail.
If staff is willing to setup a Apache redirect for anything below http://cyberspace.org/volunteer to http://cyberspace.org/~volunteer/ volunteers could work in the ~/volunteer account and put their scripts there and it will be accessible via the main website. Any programs will run as 'volunteer' which is a normal account so no security implications. Also no patching by staff required, except for ordinary main-website patches.. the volunteer can directly copy his code into 'volunteer' by login: volunteer.
What sort of oversight will there be over the scripts that are allowed to run out of that account/directory?
do we need oversight? mine? the community? a gange of merry men?(meaning volunteers) the filesystem is nosuid so no one can "hack" the volunteer account (SSH keys for access). initially, it will be my scripts. We can add a huge disclaimer page stating that you are entering a "Volunteer" area where the scripts and content are not to be trusted. "Trust this and DIE!!" "This is the GREX Volunteer group - trust and weep" in <b style=red>red</b>
You've got to convice the staff first.
s/convice/convince/
This response has been erased.
This response has been erased.
err.. convince staff about what?
That your idea is worthwhile and reasonable in terms of security, system resources, and staff time.
but how can I (a volunteer who knows 0 about staff competence) comment on Grex security, system resources and staff time? umm.. example: If a staff member is a competent system-admin familiar with Apache, in my estimate, it's a 10 minute job to setup mod_rewrite. If the staff member is a completely clueless n00b (newbie) but familar with computers/Linux, then maybe if i tested and verified the config with the Apache mailing list.. AND if that's an acceptable level of security then 20 minutes..(10 for typing the cfg in, 10 for trying next time) Now IF the n00b-staffer wants to verify the config for himself.. it still depends on what the staff/board considers an acceptable level of security.. If I was in the n00b-staffers position.. i'm all for trying and to hell with security and sys-resources. I'll just make sure remmers is willing to bring back the b0x and that users are okay with downtime.
Okay, I'll tell the board that you all for trying and to hell with security. We'll see what they say.
also tell em, Apache runs as a non root user therefore, in my opinion, fiddling with apache+mod_redirect won't cause a root break-in. Anyway and if they don't agree then *The Best* solution would be to alter this page: http://cyberspace.org/staff/volunteer.xhtml to include a link to: http://cyberspace.org/~volunteers/ You can even stick a disclaimer in there. Eg: Our group of volunteers have their own website that can be found <a href="http://cyberspace.org/~volunteers>here</a>. Please Note: Volunteers are random people on the Internet and Grex, Cyberspace and Grex staff, have no official connection with them. Scripts found here may range from the merely bizarre to the sneakily dangerous. Your passwords may get stolen if you run any scripts found under ~volunteers/! Your account may be abused by all and sundry! You may even wind up being raped and pillaged! If you don't know what you are doing be wary! <whispers> Very wary! etc etc.. <g>
Yikes. That disclaimer is enough to vote against it, I'm afraid. How many volunteers do you have?
0 well.. 1 (me)
Okay. I don't know if we need a disclaimer, though it wouldn't hurt if we toned it down a bit.
*noddles*
We'll not be able to attend this meeting. Don't have too much fun. ;-)
We're discussing rescheduling since it seems like very few others can make this meeting time, either.
This meeting tonight is officially being rescheduled to another date. Board members: please suggest a date when you can attend.
The Board will meet May 29, usual time and place. It's Memorial Day weekend, so not the greatest. But if we wait, we probably won't meet until July or August.
STeve is on the way, drive from Lansing should be there in about 45-60 minutes
Thanks, Glenda. STeve made it in good shape and we had enough board members to conduct business.
Response not possible - You must register and login before posting.
|
|
|
- Backtalk version 1.3.30 - Copyright 1996-2006, Jan Wolter and Steve Weiss