Grex Oldcoop Conference

Item 363: The Temporary Cross Root Incident Item

Entered by cross on Sat Sep 23 14:03:29 2006:

This item is for discussing the incident where I was granted temporary root
access by spooked for the purposes of making some modifications to grex's
software.
128 responses total.

#1 of 128 by cross on Sat Sep 23 14:53:55 2006:

Continuing the discussion that started in item #362, I have some comments.
As you may or may not know, spooked granted me access to the wheel group for
purposes of installing changes to the way in which grex does password
authentication.  Those changes had been open for discussion in the garage
conference for more than a week with uniformly positive reaction, and it was
in the garage conference that Mic said he'd put me in the wheel group (a
side effect of which is root access via the use of the sudo command).  That
said, I was not prepared to install them as I wanted to hear from more staff
members before going ahead (a question to that effect was posted by me in
garage), but it was nice to have the access to snoop around and see how
hard it would be.

Evidently, however, he didn't alert the rest of staff that he was putting me
in wheel.  I was unaware of that.  I used that access and added myself to
the staff conference ulist so that I could post a notice once I was finished
making the aforementioned changes.

Sometime very shortly thereafter, Steve noticed this change and (a) removed
me from the staff ulist, (b) changed the /etc/group file to remove me from
the wheel group (thus, in effect, revoking root access), and (c) evidently
removed spooked from the staff ulist and from the wheel group, effectively
removing him from staff.

I was happily compiling software while Steve was doing this.  When I noticed
that sudo no longer worked, and I couldn't get into the staff conference, I
did a "w" and saw that Steve was the only staff member logged in and active.
I asked him, via write, if he had removed me from wheel.  He said he had; I
will post the transcript of our conversation later.  I found it personally
offensive and rude.

Remmers posted the official grex policy for root access.  To quote:

Staff Membership - November 16, 1994
------------------------------------
Staff with permanent root access may at its discretion grant specific
resources to qualified individuals for the purpose of performing work that
is beneficial to Grex. Examples of such resources would be write access to
selected directories in order to modify data files or to install software.
In the event of an emergency, temporary root access may be granted by
any permanent root.
Permanent root access, access to the staff conference, and access to the
"baff" mailing list shall be with the advice and consent of the Board.
-----------------------------------------------------------------------
See http://cyberspace.org/local/grex/policy.html for this and other
policies adopted by the Board.

Remmers then stated:
"This policy allows temporary root access to non-staff in an emergency,
 which this was not.  It requires board approval for access to the staff
 conference, which was not obtained."

To which I have the following comments: The staff conference thing is my
mistake, as I acknowledged in item #362.  All I can say is that I'd forgotten
about the policy, and should have checked.  I'm guilty.  Line up the firing
squad and let's get it over with.

However, I submit that Mic's actions are in keeping with the above quoted
policy.  In particular: Mic did not give me the root password; he put me in
the wheel group.  This is not unrestricted access, it is a specific mode of
access.  The difference is subtle, to be sure, but still there.  Also,
granting access to that group is granting access to specific resources for
the purpose of performing work that is beneficial to Grex.

What's more, that level of access for "write access ... to install software"
is necessary for the changes I have made.  In particular, writing to
newuser, the passwd program, the login_grexpass program, and wnu all require
access to the root account to set permissions appropriately.  What's more,
these all live in directories where it is not reasonable to grant my account
(or any other non-privileged account) write access.  How could *anyone*
reasonably be expected to install such things without such access?  It could
be argued that such access should not have been granted until I was actually
ready to install these programs, I suppose.

Then, there's the matter of Steve's reaction.  Steve has removed spooked
from the staff conference ulist, as well as the wheel group, and I wouldn't
be surprised if he has also changed the root password.  This is a gross
over-reaction and wholly inappropriate.  It is not at all clear that spooked
violated grex policy, as I have outlined above.  He didn't add me to the
staff conference, I did, which was clearly a mistake on my part; he
shouldn't have to pay any sort of consequences for that, nor did he hand out
the root password to anyone.  He gave an appropriate level of access to a
specific resource in accordance with the stated policy.  If he's guilty of
anything, it's of doing so prematurely.

And what gives Steve the right to remove people from staff?  Shouldn't that
be a board decision?  I can see that, in the case where a staff member goes
crazy and damages the system another staffer might have to take emergency
action to prevent major damage, but that was clearly not what was happening
last night; I really doubt that spooked was going to try and add me to
anything again after Steve expressed such clear displeasure with it.  Fine:
me with root access is a contentious issue, let it be discussed by the board
and staff and whomever else; perhaps Mic made a mistake.  Perhaps he
interpreted the policy as I have.  But could Steve have seriously thought
that Mic was going to damage the system?  Surely not.  And why remove
spooked from the staff conference, not even allowing him a forum to defend
his actions to other staff members?

And then there was the way Steve treated me, which I am quite upset about.
His beef is arguably with Mic, and yet his tone and statements to me were
condescending and rude.  Now personally, I don't think he *should* have a
beef with Mic, but if he does, he certainly shouldn't be taking it out on
someone *else* who was volunteering to improve grex.  He should go discuss
it with Mic like a rational adult.

But maybe I'm just being overly sensitive; I welcome other opinions on the
matter.  Here is the transcript of my conversation with Steve online
last night, slightly edited for formatting and to make clear who was saying
what: you be the judge.

Personally, I think this whole thing is a series of unfortunate
misunderstandings.  It clearly highlights some changes that need to be made
to grex policies: in particular, staff needs to actually read garage and
read coop, and the root access policy should be clarified with what exactly
it means to grant specific resources to non-staff members for specific
things, and under what circumstances a permanent staff members privileges
may be revoked without board approval.

----
: grex 1793; write steve
Writing to steve on ttypl...
DAN:
I take it you just removed me from wheel?

Telegram from steve (root) on ttypl at 22:58 EDT ...
STEVE:
yes?                     
EOF (steve)

Message from steve (root) on ttypl at 22:58 EDT ...

: grex 1794; write steve
Writing to steve on ttypl...
DAN:
May I ask why?                                           
o

STEVE:
Why?
You have to ask?
jesus

DAN:
Uh, yes?
o

STEVE:
I don't know how you snookered Mic into doing that, but underhanded
methods of getting root aren't appreciated here.

DAN:
Pardon me??
o

STEVE:
mic put you in wheel in /etc/group and re-added you to the ulist
on staff.
o

DAN:
Mic put me into the wheel group as per the contents of item 27 in garage.
I put myself into the ulist on staff so I could announce when the contents
of said item had been carried out.  I'm sorry, I must be missing something
here. What is underhanded about any of that? o

STEVE:
that is tantamount to handing out root dan. you know that.
o

DAN:
And why is that a problem, Steve?
o

STEVE:
Dan if you don't understand that, I don't think I can explain it to you.
o

DAN:
I think you should try.  Have you read item 27 in garage?
Besides, as you know, I have had root access to grex before.  I think I can
be trusted not to damage the system.
o

STEVE:
That is not the issue.
I don't think you'd screw up the system
but for a staff person to give ANYONE the root password without
at LEAST telling everyone on baff, is really a gigantic problem.
and, no I have not read item 27.  I guess I will.  is it a 
major problem?

DAN:
o?

STEVE:
sorry - staff cf or garage?
o

DAN:
(garage)
o

DAN (again):

No, it is not a major problem.  It is a proposal to move to the system standard
password hashing scheme.  However.
(a) I submit to you that whatever Mic does is really beyond my control.
(b) I object to your characterization of my request for root access as
"snookering" someone into anything, and your labeling it as underhanded.
(c) If Mic does something without telling baff, how precisely am I supposed  
to know that?
o

STEVE:
I don't know.  OK, I'll retract the word underhanded.  Instead I will use
the phrase "POORLY thought out" and will not retract that.

DAN:

Are you referring to Mic or myself?

STEVE:
I need to tend to a machine for a few minutes. still at work
that phrase refers to both of you.

DAN:

(Take your time in replying)
May I ask WHY it refers to me?

STEVE:
Mic, for granting root level access to someone, quite regardless of
your past staff status.  You, for accepting it.

DAN:
o?

STEVE:
o

DAN:
I fail to see how accepting something that had been publicly requested is
poorly thought out.
I further fail to see how it's snookering anyone into anything.
o

DAN (again):

(And I use such strong language because I still find your initial
characterization uncalled for and rude in the extreme.  Steve, I respect you,
but I do feel somewhat offended.  You seem to view me as the enemy, and I don't
understand why, and it rankles. o

STEVE:
back for just a sec, getting a manual.  Dan, you are in the armed services,
correct?

DAN:
Yes. I am.  Why do you ask?
o

STEVE:
If you did something that was against protocols, others in your organization
would be pissed, right?  Well, isn't that exactly what just happened here?

DAN:
o?

STEVE:
The staff and board consult before giving out root access.  That you were once
staff does not matter, I do not think.  THAT is what I am pissed about.
does that at least make some sense to you, the violation of protocol.
o

DAN:
a
Well, who do you think violated protocol?  How am I to know that Mic hadn't
consulted the board and staff?
In the military, if one were to give access to a protected resource without
proper authorization, it would be that person that would be punished, not the
person who was granted access.
Do you understand this?
o

STEVE:
you know dan, I honestly think you could be a lawyer.  But I will say that
you should have heard something in coop, or email, or SOMETHING somewhere
about your being on staff.  And you didn't.  Mic did that all on his own
and I think you do know that, way down.   Sigh.  Back to the machine; I
will come back once a raid array is formatting.
o

DAN:
Pardon me, Steve, but I did hear something: in Garage.  Naturally, I thought
Mic *had* talked to others.  However, it's becoming clear that at least you
don't read that conference.
o

DAN (again):
(And for the record, deep down, yes, that's what I believe.)

DAN (again):
: grex 1795; write steve
steve logged on more than once
Writing to ttypl...
(Sorry, clearing the screen.)
o

DAN (again)
Steve, are you there?
o

DAN (again, approximately two hours later):
I'll assume you are too busy to respond currently.  I myself am likely going
to sleep.  I hope you'll get involved with the discussion in garage #27 and 
we can go from there; all of the necessary code has been written and tested,
it's merely a matter of installing it.  If people would like me to do that,
I'm perfectly willing, and will wait for staff and board or whomever to vet
me and make it happen.
oo


#2 of 128 by cross on Sat Sep 23 14:56:58 2006:

(And for a little bit of levity, I found the following, from grex's fortune
files, amusing and apropos.  Perhaps you will too....)

Rhode's Law:
        When any principle, law, tenet, probability, happening, circumstance,
        or result can in no way be directly, indirectly, empirically, or
        circuitously proven, derived, implied, inferred, induced, deducted,
        estimated, or scientifically guessed, it will always for the purpose
        of convenience, expediency, political advantage, material gain, or
        personal comfort, or any combination of the above, or none of the
        above, be unilaterally and unequivocally assumed, proclaimed, and
        adhered to as absolute truth to be undeniably, universally, immutably,
        and infinitely so, until such time as it becomes advantageous to
        assume otherwise, maybe.



#3 of 128 by nharmon on Sat Sep 23 15:38:50 2006:

So, let us say I'm sitting at work and I find out that one of my
co-workers either gave a user the domain administrator password or made
them a member of the domain administrator group (both would effectively
give the user full access to every file and resource on every PC and
server). Doing so would be a gross security issue, sure. But if I
reacted to that by changing the administrator password and removing both
the user's and my co-worker's administrative access, I would consider
that overstepping my authority. Basically it would be a clear case of
insubordination, and I would expect a disciplinary reaction from my
supervisor.

I'm not sure if what Steve did was right or wrong. I wouldn't have done
it. I sure as hell wouldn't have removed spooked's access.

I dunno, BoD really needs to step in here.


#4 of 128 by cross on Sat Sep 23 15:47:37 2006:

I think it's all relative; hypotheticals only get you so far.  I think you're
mostly right that it would be overstepping your bounds to remove your
colleague's access.  It might not be a problem to remove the user's access.
I find it difficult to draw a general conclusion.  For example, what if the
user in question was a former member of the sysadmin group, who'd moved on
to another part of the company?  That's vastly different than giving that
access to the office supply clerk or front-office receptionist (both of whom
I'm presuming haven't been in the sysadmin group, may be temporary employees,
etc).

If it were me, I think I might have suspended the user's access, but then
*asked* the guy who gave the user access what was up.  If there was an issue
of policy, I'd point out the policy and see if the guy's actions conformed
to it or not.  I *do* think that grex's policy is sufficiently ambiguous to
be interpreted multiple ways, so I'd try and find out if the action was in
accordance with the policy before acting unilaterally.  I certainly wouldn't
remove my colleague's access.


#5 of 128 by nharmon on Sat Sep 23 16:01:10 2006:

Actually, it isn't so hypothetical. We have a few former IT admins who
have left to work in different departments. Occasionally they ask for
administrative permissions so they can install software onto their PCs.
 They don't get them from me, because they're not mine to give out. We
have clear policies saying who is allowed to give them, and that is who
they need to talk to.

In my hypothetical situation, I would not have taken away anybody's
access (including the user's) because even then it isn't mine to take
away.........I digress.

Do you know what I'm leading to here? Sometimes system administrators
get this feeling of personal ownership of the systems they manage, and
this results in problems when other administrators do things they don't
like.


#6 of 128 by trig on Sat Sep 23 16:03:56 2006:

i don't see how cross did anything wrong, he asked for access to do 
something useful, a staff member gave it to him. how steve can sit there and
belittle cross over that and call him wrong is just silly.


#7 of 128 by cross on Sat Sep 23 16:22:15 2006:

Regarding #5; Ah, okay, I thought you were talking about true generalities,
not your actual work place.


#8 of 128 by nharmon on Sat Sep 23 16:31:51 2006:

The parallel between my workplace and Grex may not be so good. Grex has
provisions for staff members to give access to users who need it. My
workplace doesn't.


#9 of 128 by cross on Sat Sep 23 16:41:13 2006:

Fair enough.  I'd like to get more opinions about this matter.


#10 of 128 by vivekm1234 on Sat Sep 23 17:30:08 2006:

Regarding #362 #363:

1. The Grex policy is ambiguous - Re #362-#9 (remmers post). The policy
clearly states that permanent root access needs board approval, but it does
not clearly state that temporary root access is only in a emergency! The
keyword missing here is "only". Furthermore, it misleads by saying that "Staff
with permanent root access may at its discretion grant specific resources to 
qualified individuals"; "root" may be interpreted as a "specific resource".

I think the policy needs to be amended suitably.

2. "steve" barring "spooked" from the staff conference was wrong, but then
steve does say very clearly in #362-#5 that he has re-added it and had
mistakenly deleted it. Certainly spooked has every right to demand an apology,
but not from "steve". The way i look at it - Steve was appointed by the
staff of Grex to sys-admin Grex. If he blunders then it's the board who should
apologise to the offended party and punish "steve". In this particular case,
absolutely no punishment or a reprimand should be handed out to "steve" simply
because in the heat of the moment, with a possible security breach in
progress, he is well within his right to throw the book and sort out matters
at a later date. Certainly, barring someone from staff temporarily isn't a
serious offence especially when "steve" claims it to be a mistake. It would
be nice if he personally apologised to "spooked", but i doubt anyone can
demand it off him since he's only doing his job and acting forcefully even
if in haste is understandable given that this is a possible security breach.

3. Re: #362-#6 spooked: "I did not see your (or anyone else's) objection to
the said proposal in the garage conference."

Not seeing anyone's objection does not imply consent!

4. I hate saying this, but i think "steve" acted correctly! Look, one staff
member can revoke another staff member's privileges if he feels the situation
demands it! It's well within his right! He does not have to apologise to the
offended staff member - all apologies should be tendered to the board and
vice-versa! The board is well within its right to demand an explanation from
all staff members - that's their right! 

5. In this case i think "steve" acted correctly in revoking both "spooked"
and "cross"'s privileges. Given the ambiguity in the Grex-policy, "steve"
chose to act in a way he thought was right! "spooked" was rightly offended
because he felt his rights and discretionary powers were being trampled upon.
"cross" get's caught in the cross-fire! Neither "steve" nor "spooked" nor
"cross" is at fault here! Each one acted correctly. The culprit is the board
for drafting a flawed policy!

6. It does not help that "spooked/cross" and "steve" don't get along! I
suspect impatience to be the culprit. "spooked/cross" want things done
quickly. However, again i think "steve" is right :(! *sigh* Legal
implications! Grex can get sued and shutdown! How do you think it would look
in court - allowing a non staff member to access the entire grex file system
without board approval, with board members clueless, on the say-so of one
staff member. It's not just Grex that is affected here. If cross had
installed a password logger and some idjit used the same grex passwd on his
super-duper-top-secret-million-dollar gizmo..Staff would be in shit!

spooked may be right about losing a valuable member in cross :( but the
solution is to make him staff if you think he is competent and trustworthy.
It's absolutely no use blaming steve for doing his job! Well it's a long
post..and i'm phew! so..hope it makes some sense..Getting impatient and
err..bitching(just a figure of speech - no offense!) is no bloody use!

There's a reason why we have "staff" and a "board" - it's to keep things
legal!


#11 of 128 by spooked on Sat Sep 23 17:40:40 2006:

I was, as I have stipulated in the staff conference, giving cross 
only temporary root access.

I was well aware of the bylaw.  If staff is not regularly reading 
garage, then that's not my problem - I would have thought it should 
along with coop and staff be on their list of conferences (they are the 
only three conferences I read, for example).

Getting back to temporary root access only (via sudo), this is why I added 
cross to group wheel only, and not to group staff. 

As an aside, I find it amusing  that Marcus has finally come out of 
the woodwork to participate again.  If nothing else has been achieved, 
I feel pleased in triggering that event.


#12 of 128 by vivekm1234 on Sat Sep 23 17:45:56 2006:

Oh! And i forgot - I certainly feel it's unfair of steve to expect cross to
divine that he is not to access wheel, however he does say "OK, I'll retract
the word underhanded.  Instead I will use the phrase "POORLY thought out" 
and will not retract that."


The way i look at it - he can tell a user that he thinks his decision is
"idiotic" (that's just his opinion), calling him a cheat is "rude" (he hasn't
done that or he wouldn't have retracted underhand) - rudeness is to be dealt
by the board! In this case, again, nothing to be done..since 
1. underhand/snookering was retracted.
2. merely stating an opinion.

Steve's been quite correct about the whole thing, imho!



#13 of 128 by cross on Sat Sep 23 18:32:54 2006:

Regarding #10; I respectfully disagree with the bulk of your argument.  If
Steve slights Mic, then Mic has every right to expect an apology from Steve.
But I don't think that's what anybody is looking for here.  You are correct,
in my opinion, that the policy is ambiguous.  I think one can make an
argument on one hand that Mic's actions violated the spirit of the policy,
and one can make an equally strong argument on the other hand that they did
not.

I do not feel that Steve's actions with revoking Mic's access were in any
way justified.  If he felt that there was some threat to the system at the
time, then perhaps, but I find it utterly perplexing that Steve could think
such a thing.  Surely he didn't think anything malicious was going on; by
his own admission he was not worried about me messing up the system.

Further, with respect to the proposed changes to the system, if one reads
the garage group, one will notice that I requested consensus *after* Mic put
me in wheel and *before* making any permanent changes to the system.

Regarding #12; It had more to do with tone and demeanor and some specific
comments than the main theme of Steve's lecture to me.

But let's not get sidetracked by definitions of what it means to be rude.  I
do not think it will be profitable to engage in arguments over what the
meaning of "is" is.  Suffice it to say that I found Steve's behavior toward
me rude and condescending, and yes, I am upset about that.

But more important than that, this incident has clearly highlighted the need
for a revised policy that spells out *exactly* when root access can be
granted to non-permanent-staff (be they former permanent-staff or not, what
*exactly* does it mean to give them permissions to write to some directory
and install something *if* that demands that they be root to do so?), as
well as when staff members can revoke the privileges of other staff members.
Currently, no policy addressing the former exists at all, even though one
should have been created *immediately* in the aftermath of the Valerie
incident.

And for the record, I'm not sure that I would say that people don't get
along.  I'm sure, if Steve and I met face to face and had a talk, we'd get
along just fine, and I know I'd like access to some of his wife's recipes.
That I feel he was rude to me in this situation doesn't change my opinion of
him as a fine parent, technically savvy individual, and generous human being
who gives freely of his time and expertise.  But here, I'm more concerned
with issues of policy.


#14 of 128 by spooked on Sat Sep 23 18:51:44 2006:

hehe Dan: after reading that I'm not sure if you would prefer having 
STeve's or Glenda's babies :)

It does not faze me if I am given an apology, though I do believe it 
would be decent and proper.  I think this whole episode accentuates my 
belief that Grex staff is highly autocratic, and plagued by both 
inefficiencies and factors discouraging participation.  

As I have said somewhere (probably in the staff conference), I don't have 
an issue with STeve's technical capabilities, but his judgement I find - 
at the very least - a little annoying.




#15 of 128 by cross on Sat Sep 23 19:49:52 2006:

(I think it's medically impossible for me to have anybody's babies... :-))

I do think that grex staff's present atmosphere (at least, the way it was when
I left staff) discourages new participation and ideas.  As it stands, there
are, implicitly, certain staff members who you have to get approval from in
order to make changes to the system.  I'm not talking about consensus and
discussion, but actual approval.


#16 of 128 by glenda on Sun Sep 24 03:02:20 2006:

I want to know when it became a requirement for staff to read garage.  I was
under the impression that this was the conference to be used to discuss and
decide system policy.  I know that I don't go to garage for Grex specific
stuff, I read it for technical stuff in general.  When I am looking for
proposed changes to Grex, I go to coop.  When did this change?  And when has
Grex ever decided anything in a week or less?


#17 of 128 by cross on Sun Sep 24 03:36:06 2006:

Haha!  With respect to your last sentence, probably never.

However, garage is the "grex configuration and what not" conference.  Coop
is for policy decisions, not technical decisions.  At least, that's how I've
always understood things.

Glenda, I'd be interested in your input in item 27 in garage.


#18 of 128 by tod on Sun Sep 24 04:40:07 2006:

I don't see what the problem is.  cross and spooked should know by now that
this is STeve's baby.  We don't get logic here and if you offer to help then be
prepared to be chastised without running your intentions in triplicate past
the man on the throne.
("Underhanded"? I would have just killed the !talk session and never offered
to help again.  How insulting.)


#19 of 128 by cross on Sun Sep 24 04:57:24 2006:

I guess I'm a sucker.  I'm the kind of guy that adopts stray cats.  Yes, I
was offended, but I just can't help trying to do something if I think it's
the right thing to do.


#20 of 128 by gelinas on Sun Sep 24 05:09:39 2006:

The "wheel" group, by its very nature, is NOT, and cannot be, a "specific
resource;" it is a *general* resource in that it allows, through sudo, access
to anything and everything on the system.  (In fact, that was part of Dan's
argument for sudo over individual root accounts.  Sometimes, having a good
memory really sucks.)

The methods for granting access to specific directories are "chown" and
"chgrp."  The latter is probably preferable, even though it requires more
work.  (Personally, I'd prefer it exactly for that reason:  More work means
more thought, if only into writing the script to make the changes.)

I wonder what would be the response had valerie, another former staff member,
been given root access with such little discussion.  (That's not fair to
valerie, but sometimes other specifications are useful for clarifying
generalities.  Every once in a while, I'm reminded that Einstein published
his "Special Theory of Relativity" before his "General Theory.")

NB:  I've not read garage:27.  However, I *do* remember other discussions of
changing the grex password hash.  IIRC, Dan's suggestions were rejected at
that time.


#21 of 128 by naftee on Sun Sep 24 05:10:16 2006:

This really is a case of steVE's knee-jerk reactions.  The fact that he
admitted to not keeping up with garage and yet was pretty snappy with removing
cross' and spooked's staff privileges shows that steVE doesn't care nearly
as much about the technical aspects of how GreX is run as to how he wants it
to be run.  Here, we had cross and spooked taking their own initiative
(something which should be considered a virtue among staff members) to improve
GreX, and what do they get ? A summary eviction from someone who has half
their technical competence.

The fact that cross and spooked took the time to explain themselves very
clearly in this item, instead of telling steVE to go screw himself, further
puts forward their merits as good hard-working staff members who are valuable
to the system.

The sad thing is that steVE would probably have done nothing had he seen
valerie with root privileges last night.  It's really a matter of his personal
ego, which has been more and more apparent since scholar came out with a bunch
of new member proposals.


#22 of 128 by naftee on Sun Sep 24 05:10:51 2006:

slup

wow; gelinas and i think alike, sort of.


#23 of 128 by cross on Sun Sep 24 05:23:21 2006:

Regarding #20; But root access, granted within set parameters to a known
trustable individual, can be considered a specific resource.  That is my
argument.  In this case, chown and chgrp were not sufficient, since every
program under consideration needed to be installed setuid to root.  What's
more, changes would need to be made to grexdoc (at least temporarily. 
Actually, in the long term, as well, since the customizations to the password
code in grexdoc would need to be undone).

My earlier proposal for NOT changing the hash was to afford MDW the
opportunity to play with Kerberos and his hash algorithm.  However, he has
been largely inactive.  This morning at around 0600 was the first time he'd
logged in in nearly a year.  It does not make sense to continue expending
staff resources for a project that Marcus may or may not pursue, particularly
when there are other options for implementing that project.


#24 of 128 by cross on Sun Sep 24 05:25:15 2006:

Regarding #23, last paragraph; Rather, my earlier proposal for changing
the hash was NOT implemented to afford MDW that opportunity.
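
The disagreement in #20 and #23 turns on what group wheel actually hands out (everything, via sudo) versus what a "specific resource" grant would look like (install these setuid-root programs and nothing else).  The following is an added example, not code from Grex or from anyone in this item.  It reads a constructed /etc/group and a constructed sudoers fragment (both embedded below; the user names, the Cmnd_Alias name and the install paths are hypothetical) and reports, per user, whether sudo gives them ALL or only a fixed command list.  The parser handles just the sudoers syntax used here (Cmnd_Alias, %group and user specs, NOPASSWD tags, backslash continuations); it is not a full sudoers implementation.

```python
"""Who is root-equivalent through sudo, and what a narrower grant looks like.

Added example for this discussion, not Grex's own code.  User names, group
contents, the alias name and the install paths below are hypothetical.
"""
import re

# Constructed /etc/group: cross has been added to wheel but not to staff.
GROUP_FILE = """\
wheel:*:0:root,steve,spooked,cross
staff:*:20:root,steve,spooked
users:*:100:cross,nharmon
"""

# Constructed sudoers fragment.  The %wheel line is the blanket grant the
# item argues about; the cross line is the narrower alternative: install a
# fixed set of setuid-root binaries and nothing else.
SUDOERS = r"""
Cmnd_Alias PASSWD_INSTALL = /usr/bin/install -o root -m 4755 * /usr/bin/passwd, \
                            /usr/bin/install -o root -m 4755 * /usr/local/bin/newuser
%wheel ALL=(ALL) ALL
cross  ALL=(root) NOPASSWD: PASSWD_INSTALL
"""

_USER_SPEC = re.compile(
    r"^(?P<who>\S+)\s+(?P<host>\S+)\s*=\s*(?:\((?P<runas>[^)]*)\)\s*)?(?P<cmds>.+)$"
)
_TAG = re.compile(r"^(?:[A-Z]+:\s*)+")  # NOPASSWD:, NOEXEC:, ... prefixes


def _logical_lines(text):
    """Yield sudoers lines with backslash continuations joined, comments dropped."""
    buf = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield (buf + line).strip()
        buf = ""


def parse_groups(group_text):
    """Map group name -> set of supplementary members from /etc/group text."""
    groups = {}
    for line in group_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name, _pw, _gid, members = line.split(":", 3)
        groups[name] = {m for m in members.split(",") if m}
    return groups


def sudo_grants(group_text, sudoers_text):
    """Map user -> list of commands sudo lets them run ("ALL" means everything).

    Simplification: a %group spec applies to every member listed in /etc/group;
    host lists, Runas_Alias, User_Alias and '!' negation are not handled.
    """
    groups = parse_groups(group_text)
    aliases = {}
    grants = {}
    for line in _logical_lines(sudoers_text):
        if line.startswith("Cmnd_Alias"):
            name, _, body = line[len("Cmnd_Alias"):].partition("=")
            aliases[name.strip()] = [c.strip() for c in body.split(",")]
            continue
        if line.startswith("Defaults"):
            continue
        m = _USER_SPEC.match(line)
        if not m:
            raise ValueError(f"unparsed sudoers line: {line!r}")
        cmds = _TAG.sub("", m.group("cmds"))
        expanded = []
        for c in (x.strip() for x in cmds.split(",")):
            expanded.extend(aliases.get(c, [c]))
        who = m.group("who")
        users = groups.get(who[1:], set()) if who.startswith("%") else {who}
        for user in sorted(users):
            grants.setdefault(user, []).extend(expanded)
    return grants


def unrestricted_root(group_text, sudoers_text):
    """Sorted list of users whose sudo grant includes ALL (root-equivalent)."""
    return sorted(
        user for user, cmds in sudo_grants(group_text, sudoers_text).items()
        if "ALL" in cmds
    )


def remove_from_group(group_text, group, user):
    """Return /etc/group text with `user` dropped from `group`: the effect of
    editing /etc/group by hand to revoke wheel membership."""
    out = []
    for line in group_text.splitlines():
        fields = line.split(":", 3)
        if len(fields) == 4 and fields[0] == group:
            fields[3] = ",".join(m for m in fields[3].split(",") if m and m != user)
            line = ":".join(fields)
        out.append(line)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    print("root-equivalent via sudo:", unrestricted_root(GROUP_FILE, SUDOERS))
    narrowed = remove_from_group(GROUP_FILE, "wheel", "cross")
    print("after removing cross from wheel:", unrestricted_root(narrowed, SUDOERS))
    for cmd in sudo_grants(narrowed, SUDOERS)["cross"]:
        print("  cross may still run:", cmd)
```

Two caveats a practitioner would want.  First, real sudo evaluates specs last-match-wins and a `*` in a command argument matches across whitespace, so the narrowed rule must be checked against the sudoers manual rather than trusted by inspection.  Second, the narrowed rule is narrower in form, not in effect: whoever picks the source file for `install -m 4755` picks what runs as root, which is exactly the point made in #23.  What the command-list grant buys is a sudo log that records precisely which files were installed, not containment.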


#25 of 128 by vivekm1234 on Sun Sep 24 05:55:40 2006:

Re #13: "I do not feel that Steve's actions with revoking Mic's access were
in any way justified.  If he felt that there was some threat to the system at
the time, then perhaps, but I find it utterly perplexing that Steve could think
such a thing."

Steve's personal feelings towards you or spooked are irrelevant. Let's say that
spooked, you and steve were the best of pals and long time associates and
steve knew for a fact that there was no way his friend of many years would hack
Grex, but you did not have staff approval for root access. The situation would
still demand that he kick both of you out. Why? Because if he didn't it would
reek of cronyism! Steve the individual does not matter and his friendships,
opinions etc on two individuals are irrelevant! He should be a robot with no
feelings what so ever on the matter! Possible security breach, lockdown the
box, kick out all concerned, report to staff and let them settle the matter.
Try to understand what i'm saying Dan - Steve may respect you a lot, but
without an unequivocal YES from staff the only thing he can and should do is to
kick you out and spooked and shove the matter to staff for resolution!

He certainly should have sent email immediately to staff and to cross and
spooked!  Something like: "Hello, cross isn't a part of staff and spooked has
given him root access. I feel this is a violation of Grex policy, therefore
I've locked them both out. Sorry guys, it's unlikely that the both of you were
up to mischief but given the circumstances it's best that staff sorts this out."

Has he done that?

Since cross feels Steve was rude to him, a quick post from Steve ought to
settle the matter. "Hey Dan, didn't mean to appear rude. Your help is
appreciated but I got to follow protocol or we will get hunted down by hungry
lawyers!"

Re #18 #21: Don't muddy the waters with opinions minus validating data. Don't
try to mind read: "steVE would probably had done nothing had he seen valerie
with root privileges last night."

Steve's competence wrt cross is not under discussion; offering that as an
argument is illogical. The question under debate here is whether Steve was
right in disabling spooked/cross's access when they did not have staff
approval. Frankly I think cross should be on staff!! But that's not the point!
I think a lot of people are allowing personal prejudices to cloud judgement!
You don't like steve and like cross and you find staff difficult to deal with
etc etc, ergo Yay cross! Boo Steve! Plus the underdog factor is at work -
cross isn't authority, does cool stuff, young, wants to change things and that
has appeal but I suspect that he MAY not be as level-headed as say remmers!
(mind you that's off the cuff..).

I feel that heaving cross into staff should solve the problem! He gets to do
cool stuff under a watchful eye <g>


#26 of 128 by cross on Sun Sep 24 06:01:50 2006:

Well, at least someone still thinks I'm young.

The issue at hand is that the policy is not clear.  Mic (and I) clearly
interpreted it one way, Steve the other.  Are you suggesting that anytime
someone does something where someone else interprets the relevant policy
differently, they should be locked out of the system?  Even less will get done
than ordinarily around here....


#27 of 128 by gelinas on Sun Sep 24 06:26:12 2006:

Dan, "root access, granted within set parameters" is neither limited nor
limitable, *EXCEPT* by trust.  There is no other way to enforce the 'set
parameters.'

That trust requires Board consent.  *That's* what the policy says.

Yeah, setting up setuid requires root access.  So someone *else* should have
installed your changes, were they to be installed.


#28 of 128 by vivekm1234 on Sun Sep 24 07:49:07 2006:

Re #26 I totally agree with you that the blasted policy is unclear and needs
to be updated immediately! I also don't fault you or Mic in this matter! Both
of you are the unfortunate victims here! I can't think of anything more
unpleasant than being barged off, especially after contributing stuff the way
you have! I also feel that "staff" and possibly "steve" should make it clear,
in no uncertain terms, that your help is appreciated and valued! Certainly
an apology from "staff" is in order - after all they have caused the ambiguity!

"Are you suggesting that anytime
 someone does something where someone else interprets the relevant policy
 differently, they should be locked out of the system?"
It's not a question of "someone else interprets the relevant policy
differently"! Steve isn't a random someone! He is in charge of the day to day
running of Grex. In tod's words "Grex IS his baby", from the day-to-day running
point of view. If he feels that he should kick out someone that's his
prerogative! He is only responsible to the board! He can kick out remmers,
mdw, spooked, janc or just about anyone if he sees it fit to do so, but he'd
better have logic backing him up or the board will chew him up.

What I'm saying in no uncertain terms is this: Steve has the right to do
anything! The board/staff decides what is right or wrong. Staff/Board is only
superseded by the US government!

In this particular case, because of the ambiguity in legal interpretation,
staff can't criticize steve or spooked. But I'm willing to bet that they won't
allow temporary access to root without board approval and rightly so I might
add - which does vindicate steve :(. But, they had better offer a rattling good
apology to both spooked and you.


#29 of 128 by spooked on Sun Sep 24 09:09:40 2006:

I suspect an apology is beyond them, but anyhow that's just a reflection
on them - and people can form their own opinion of it.

A couple of things.  Somewhere about 8 responses back, someone (naftee I
think) said STeve has half the technical capabilities of cross or
myself.  I'm not about to speak for cross, but I can admit through
experience STeve has more experience and technical competency than myself
-- I don't doubt, and never have, his technical competence.  However, it
is his attitude and rash reaction which do not sit kindly with me.

Another thing... all this talk about Grex being sued over such a thing is
Hollywood.....  please don't add to the over-dramatisation of this very
innocent event.  The Bylaw in question here is very open for
interpretation - the fact that at least a few educated individuals have
interpreted it in different ways highlights this.  Furthermore, it is
clear that neither cross nor myself were acting maliciously.

I have said enough now on this issue.  Let them continue on as they
please.  It is sad that initiative and active participation is not cheered
(but rather criticised), but we don't live in a perfect world.  There are
more important things in the world than needless drama.




#30 of 128 by glenda on Sun Sep 24 10:11:07 2006:

Re #25:  Yes, STeve sent email to the BAFF immediately.  He also called me
immediately to have me log into my email to make sure it went through.


#31 of 128 by vivekm1234 on Sun Sep 24 11:05:34 2006:

Re #29: No one is saying that either of you "were acting maliciously"!
Anyone saying that needs to get his head checked! All I am saying is
that proper procedure was not followed and that the reason we
have procedure is to cover ass in court. Assuming Grex gets cracked some time
in the future, a clever lawyer would go through the bbs looking to see if
Grex was mis-managed. All these issues would be brought up - look, the truth
is not what "actually happened" it's what "can be proven". Oh! It's all very
unlikely, but why have a policy, board and charter if it's just so much bull?

As for it being Hollywoodesque: Bleah! I read in the paper, in India - some time
back, that a burglar had sued a home owner for his getting stuck in a chimney
during a burglary attempt <grin>. Also check out:
http://www.overlawyered.com/archives/00nov3.html and search for "Burglar". If
that can happen, I'll argue that anything can happen! <grin>

Anyway, no more posts from my side on this matter. I'm going to spend my
valuable time checking out the cute chicks on
http://www.seedbiology.de/people.asp <g>


#32 of 128 by spooked on Sun Sep 24 11:35:36 2006:

Even if Grex gets cracked, we are not liable.  

We have enough disclaimers, and are restricted in the extent to which we 
can protect people's privacy...  which we have said numerous times/places, 
Grex is not the place to come knocking if you want any.




#33 of 128 by cmcgee on Sun Sep 24 13:17:49 2006:

We have policies because we are a group of people who have agreed to associate
under certain terms and conditions.  Our policies are mutually agreed upon
"rules" that we believe make this social system stable.  We change these
policies by consensus and by democratic votes.

It is not lawyers that drive our social compact.  It is our mutual design of
a culture we want to be members of.  


#34 of 128 by remmers on Sun Sep 24 15:22:13 2006:

My thoughts:

Since group wheel membership effectively gives root access, there was a 
violation of Grex policy.  As Gelinas pointed out earlier, there were 
other ways this could have been handled from a technical standpoint.  
Hopefully this won't happen again.

My understanding is the same as Glenda's regarding the Garage 
conference, and probably the same as most other staff members:  It's a 
place to discuss ideas and provide input on Grex technical issues, not 
an official place to make decisions.  I think an appropriate and 
courteous step to follow before making system changes of this sort is to 
alert staff via email or the staff conference, where staff normally 
expects these kinds of things to be brought up, allow a few days for 
feedback, and then proceed if there's either no feedback or there's a 
consensus that it's ok.  That's how I proceeded when the issue of
turning off the idle daemon came up a few months ago and I took the 
initiative to go ahead with it.

That's my ideal about the way staff should work together.  I won't claim 
that there isn't more than one person who's violated it in one instance 
or another, of course.


#35 of 128 by tod on Sun Sep 24 16:08:15 2006:

re #20
 I wonder what would be the response had valerie, another former staff member,
 been given root access with such little discussion.
I seem to recall folks blowing off Valerie's ad-hoc mods in /etc way back when
but heaven forbid spooked implements something with a lil backup from cross.
I dunno..it's really water under the bridge and I think staff is freaking out
when they cut spooked from being able to help.  It's very silly to read about.


#36 of 128 by cross on Sun Sep 24 16:50:12 2006:

Regarding #27, #34; Thanks for the comments, Joe and John.  I still feel that
the policy is a bit vague and open to interpretation.  However, we can turn
this into a positive by taking it as an opportunity to update the policy to
avoid such disconnects.  Further, it would also be a good time to put into
place a policy over when and why a staff member can pull another staff
member's staff access.  This really should have been done after the valerie
incident.

Regarding #28; There's one thing I think you need to understand.  Steve is
*not* in charge of grex's staff.  There is no one "in charge" so to speak of
it; ideally, they make decisions democratically like the rest of grex. 
Remmers has just as much "right" to yank Steve's access as Steve has to yank
his (though the mind boggles thinking of a situation in which either would
happen).

And finally, as I've stated many times before, I wasn't going to install
anything on Friday night.  I just wanted to poke around and make sure that
*I* understood how much work had to be done.


#37 of 128 by other on Sun Sep 24 19:49:32 2006:

For the record, I think it should be said that STeve's pulling of mic's staff
privileges without discussion even just with mic is an equal violation to mic's
provision of staff privileges to cross without discussion. Obviously neither of
these actions occurred with ill intent, and I don't think any punitive response
is warranted or desirable. Certainly, cross is exhibiting the ideal attitude
by trying to focus this discussion on modification of the existing policy to
prevent similar occurrences in the future, and I think that is the angle from
which we should all be approaching this discussion. To that end, I think the
verbiage dealing with provision of staff privileges and system resources should
specifically deal with root privileges both directly and through sudo and wheel
group membership.


#38 of 128 by cross on Sun Sep 24 20:14:05 2006:

Thank you, Eric, that nicely summarizes my intent.  To put my earlier response
to Joe and John another way, since Friday, it has become rather clear that
many of grex staff members feel the intent of the present policy bars even
temporary access to root.  However, both Mic and I interpreted it differently.
I would like to see the policy reworded to more clearly express the intent
with respect to root access, that's all.


#39 of 128 by spooked on Sun Sep 24 21:48:18 2006:

Yeps... exactly my sentiment Eric.  And, I am still without root or staff 
privileges -- with no apology, or hint of an apology from STeve or staff.

This type of slap in your face is one aspect (along with general
closed-mindedness and contemporary thinking) that discourages newcomers from
joining Grex staff.

I don't think I'm being unreasonable one bit here.



#40 of 128 by cross on Sun Sep 24 22:10:35 2006:

I find the fact that Mic's access has not yet been restored disturbing.  Was
this an oversight?  Or is it deliberate?


#41 of 128 by nharmon on Mon Sep 25 13:23:34 2006:

I'm deeply troubled when a Grex staffer can just unilaterally decide to
pull someone else's administrative rights in a non-emergency situation
like this. It is a clear usurpation of BoD powers, and constitutes
insubordination.

I am simply appalled.


#42 of 128 by scholar on Mon Sep 25 14:02:48 2006:

What are we losing faster, members or staffers?


#43 of 128 by cross on Mon Sep 25 17:29:44 2006:

Membership has halved in the past few years, but I don't think the same is
true of staff.


#44 of 128 by tod on Mon Sep 25 17:35:07 2006:

re #39
I wouldn't blame you a bit if you resigned your offer to be on staff.  It is
one thing to protect the system but entirely another to remove someone from
staff without even communicating or apologizing for the urgency to that
person.  Unfortunately, I've seen this behavior in the past amongst Grex staff
and the culture is such that people are too timid to address or correct the
behavior of the longtime participants.


#45 of 128 by naftee on Mon Sep 25 21:59:28 2006:

pretty soon, GreX is going to have fewer active staffers than m-net !


#46 of 128 by cross on Mon Sep 25 22:28:17 2006:

Todd is right.  There are multiple issues here.  Not only is there a policy
issue, there's an issue of culture on staff.


#47 of 128 by cross on Mon Sep 25 22:57:02 2006:

I'm concerned that Steve hasn't chimed in here.  I think it would be unfair
to draw conclusions without hearing his side of the story.


#48 of 128 by tod on Mon Sep 25 23:00:53 2006:

Perhaps staff should draft some policies on change management (including
protocols for how to handle compliance thereof.)  The protocols can include
a process for pushing complaints onto the agenda of a board meeting within
a week's notice and also a process for both parties to submit their paragraph
of response for the board to review.
If the board is unwilling to accommodate staff complaints about abuse against
set procedures then the membership can issue a vote of no confidence against
the offending board members.


#49 of 128 by eprom on Mon Sep 25 23:06:36 2006:

I would like to see a vote of censure at the next board meeting.


#50 of 128 by steve on Mon Sep 25 23:06:51 2006:

  When I get home I'll enter stuff here.  I'm trying to get stuff done at
work at the moment.


#51 of 128 by cross on Mon Sep 25 23:29:40 2006:

Regarding #50; Very well.

Regarding #49; Against who?


#52 of 128 by cross on Mon Sep 25 23:33:18 2006:

Regarding #48; That seems like a reasonable idea.


#53 of 128 by eprom on Tue Sep 26 00:21:49 2006:

when grex was perpetually down a few months ago, and nobody on staff
would step up to the plate to take responsibility for the machine, I
suggested that there be a designated sysadmin position, and a few
people started whining about how it was only a volunteer position and
that grex operates on a system where all the staff does their own thing,
essentially.

Funny, now that grex is working fine again, steve wants to act as a
de facto sysadmin and be the judge, jury and executioner of who's on
staff at his discretion.




#54 of 128 by nharmon on Tue Sep 26 00:28:41 2006:

Well, I think there should be a sysadmin. I think the board should adopt
time tested practices on IT organization. But until that happens
formally, anybody who takes it upon themselves to act as the de facto
sysadmin is being insubordinate.


#55 of 128 by cross on Tue Sep 26 00:43:03 2006:

I'm not opposed to the idea (not that my opinion really matters).  When you
proposed that, Jeff, I was for it.  I think Nate's proposal is a little
different, which is why I've got some questions.  In theory, it's a good idea.
In practice given grex's culture, I'm afraid it might have the opposite of
the intended effect.


#56 of 128 by tod on Tue Sep 26 00:52:24 2006:

The other way to do it is to list all the homegrown apps along with owner from
staff and then everybody on staff agrees on who gets what.  For now, let's just
say everything in ./  belongs to STeve.
*snicker*


#57 of 128 by cross on Tue Sep 26 00:55:18 2006:

(Or get rid of as many of the home-grown apps as possible....)


#58 of 128 by vivekm1234 on Tue Sep 26 03:18:01 2006:

I think the reason Mic's perms haven't been restored is because the board has
to pass judgement first. I sense a difference in thinking; Staff does things
by the book (follows procedure) and I wouldn't be surprised if it was all a
little formal <grin>, hehe, knocking the gavel and all that..nice and stodgy
is the word that comes to mind <g>. Anyway, whereas you guys just want it
done quickly..mick's innocent, that's conclusive since the charter is
ambiguous etc etc..so just heave him back in pronto and get on with things is
what you guys want to do.. I personally feel this is wrong though it gets
work done quickly.

About the root access thing: I don't feel it would be wise to allow one staff
member to grant root without all the other staff members knowing why it was
being given and approving it. Instead of abandoning protocol we should try
and make it more efficient.
eg: The trouble as I see it right now is that staff members get held up with
work and don't log into Grex to keep abreast of what's happening. Perhaps we
could do this: After suitable discussion on the conferences one staff member
decides to grant access to cross. Mic then posts on a public conference,
readable by all a draft of what's to be done. Staff gets a copy of it via
email.. So they can't weasel out by saying they had no clue..Would that
suffice?

RE: A sys-admin: Dual control is inefficient at best. Certainly someone
should be in charge of day to day running while staff handles their respective
jobs. However, the demarcation should be clear and I doubt that's possible.
In the end no system will work if the people involved are crappy or not
dedicated. Ideally Grex should just run itself <g>




#59 of 128 by other on Tue Sep 26 04:39:38 2006:

I've already said that I think the removal of mic's staff privileges is
a violation of protocol, but at this point I want to add that the longer
he remains in this diminished position, the more egregious this
violation becomes.  

I respectfully request the immediate restoration of mic's privileges,
and if the board and/or staff decide to take punitive action (a position
I would absolutely and vehemently oppose) they can do it when they have
decided in accordance with policy and protocol.  Frankly, I consider the
continuing banishment of a staff member for a harmless violation of an
arguably ambiguous policy to be an inexcusable and damaging overreaction.


#60 of 128 by vivekm1234 on Tue Sep 26 07:27:20 2006:

Re #59: How is removal of mic's privileges a violation of protocol? Where does
it say that one staff member CANNOT kick out/deny access/lock out another
staff member? As I see it, mick has/had just as much right to revoke STeve's
permissions, in fact Mick could possibly "break in" to Grex revoke STeve's
perms and I doubt the board can do anything <grin>. Well..they could heave
him out for installing a backdoor, but certainly not for "breaking in"..since
legally he has every right to be "in" and it's just STeve's point of view
against his.


#61 of 128 by spooked on Tue Sep 26 08:30:53 2006:

I am very disillusioned at this point in time with the staff/baff's 
position of not restoring my privileges.  

In fact, they have not even given me an explanation.

I'll give it another day, and then I'll resign as it's looking more and 
more as if that is what they are hoping will eventuate.

*shrugs*



#62 of 128 by cross on Tue Sep 26 13:38:07 2006:

Yeah, the fact that no one has even explained what happened to Mic's access
is really not just bad, but straight rude.


#63 of 128 by vivekm1234 on Tue Sep 26 13:56:31 2006:

If the two of you will postpone the suicide till after the board meets we will
all be very grateful! And please don't mind read! It's not rude - the matter
is sub judice - staff can't/should not comment on the matter! In any case since
neither of you have done any wrong whatsoever and since every other Harry on
Grex is rooting for you guys..Sheesh! What's with the gloomy faces! Plus, it's
prolly only STeve who MAY crib a bit..frankly speaking I doubt he would.
Neither of you may match up to his high ideals (expecting cross to play the
martyred saint and divine things etc etc) but barring that he should not have
any objections..I'll bet they apologise for causing so much confusion and
verbiage! And I'll bet they say that they appreciate your work, but beyond
that..well don't expect them to crawl..after all the ambiguity wasn't
deliberate..


#64 of 128 by vivekm1234 on Tue Sep 26 14:04:25 2006:

Re #61 And don't expect them (staff) to fly to your rescue and bail you out!
They can't because that would be compounding STeve's whatever...in the sense
that..STeve's taken a decision against you..they can't just override him and
heave you back in pronto without first listening to the guy..give it
time..I'll bet they reinstate you with nary a blemish on your character.


#65 of 128 by janc on Tue Sep 26 15:56:08 2006:

I can't get into a big fury about this, because, as it happens, I am
pretty comfortable with Dan having root access.  So no harm done.

However, I agree that this is a pretty huge deviation from accepted
policy.  The talk in the policy about granting limited access to
specific users referred to things like the "cfadm" account and treasurer
account, that allow people to do very specific things in very specific
parts of the system.  In some cases, we've given people temporary access
to root, but it was done with a person with official access to root
logging them in and sitting next to them the whole time they were on (I
remember watching Mike McNalley do some work on Grex and having keats
watch me while I did work on M-Net).

To just hand someone root access and let them use it without oversight
is a declaration of total trust in that person.  While I may trust Dan
that far, and Mic may, and we may even be well justified in that, it
isn't really our prerogative to make that decision for Grex.  That has
always been the board's prerogative.  And that's as it should be.  If the
board doesn't decide who is root, then the board really isn't in any
substantive control of Grex.

So I do feel that this was an improper action.

Please don't do it again.

Thanks.


#66 of 128 by tod on Tue Sep 26 17:33:37 2006:

Can someone post a list of current holders of root and what their role is?


#67 of 128 by nharmon on Tue Sep 26 17:37:33 2006:

http://cyberspace.org/staffnote/     *snort*


#68 of 128 by cross on Tue Sep 26 17:44:02 2006:

Regarding #65; Given the outcome, I have no intention of repeating it again.
However, you bring up a good point: the board should have control over
access to root.  Mic's access is still shut off, even though he has board
approval to have that access.  :-/

Regarding #66; Grepping the wheel account out of /etc/group shows you who
has root access.  I'm not sure how one would figure out what their primary
responsibilities are.  The current contents of wheel are:

wheel:*:0:root,bhoward,gelinas,glenda,i,janc,kip,mcnally,mdw,remmers,srw,steve

root is in there only for redundancy.  bhoward hasn't been particularly
active since January, I'm afraid.  i handles most conference related stuff.
srw answers the bulk of user emails.  gelinas and remmers do general system
stuff.  mdw hasn't been particularly active in two years (before this past
weekend, he'd only logged in about twice in the last two years or so).
steve does a lot of the day-to-day grunt work, as we know.  janc does stuff
from time to time as he can fit it into his schedule.  I'm not sure what
glenda, kip, and mcnally have been up to recently, but I haven't followed
staff on a day-to-day basis for a while now.


#69 of 128 by nharmon on Tue Sep 26 17:46:57 2006:

Wouldn't the principle of least privilege suggest that non-active staff
be removed from the wheel group until such a time when they're willing
to be more active?

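An added example, not code from the Grex conference or its staff, that turns the two points above into a repeatable check: #68 reads wheel membership out of /etc/group, and #69 asks that members who are no longer active be dropped from it. It runs on constructed sample data embedded in the script; the user names and login ages are placeholders, and on a real host you would substitute the actual /etc/group and per-user ages derived from lastlog(8) or last(1).

```shell
#!/bin/sh
# Added example, not code from the Grex conference or its staff.
# Lists the members of group wheel from an /etc/group-style file and
# flags those whose last login is older than a threshold, the
# least-privilege check raised in #69. Sample data is constructed so
# the script runs offline; on a real host substitute /etc/group and
# per-user login ages derived from lastlog(8) or last(1).

# Constructed /etc/group excerpt. User names are placeholders.
SAMPLE_GROUP='root:*:0:
wheel:*:0:root,alice,bob,carol,dave
staff:*:20:alice,bob'

# Constructed "user days-since-last-login" table (values invented).
# dave has no entry at all, i.e. has never logged in, and must still be
# flagged: an account nobody uses is the first thing to take out of wheel.
SAMPLE_LASTLOG='root 0
alice 2
bob 412
carol 15'

# wheel_members GROUPDATA
# Print one wheel member per line. root itself is skipped: it is listed
# for redundancy, not as a person whose activity we would review.
wheel_members() {
    printf '%s\n' "$1" | awk -F: '
        $1 == "wheel" {
            n = split($4, m, ",")
            for (i = 1; i <= n; i++)
                if (m[i] != "" && m[i] != "root") print m[i]
        }'
}

# stale_wheel_members GROUPDATA LASTLOGDATA DAYS
# Print wheel members whose last login is more than DAYS ago or who have
# no recorded login at all.
stale_wheel_members() {
    swm_group=$1
    swm_lastlog=$2
    swm_days=$3
    wheel_members "$swm_group" | while IFS= read -r user; do
        age=$(printf '%s\n' "$swm_lastlog" | awk -v u="$user" '$1 == u { print $2 }')
        if [ -z "$age" ] || [ "$age" -gt "$swm_days" ]; then
            printf '%s\n' "$user"
        fi
    done
}

# Report on the constructed sample with a 90-day threshold.
echo "wheel members:"
wheel_members "$SAMPLE_GROUP" | sed 's/^/  /'
echo "candidates for removal (no login in 90 days):"
stale_wheel_members "$SAMPLE_GROUP" "$SAMPLE_LASTLOG" 90 | sed 's/^/  /'
```

The report is only the input to a staff decision; the script deliberately prints candidates and changes nothing, since editing group membership is exactly the step this item says should not happen unilaterally.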

#70 of 128 by cross on Tue Sep 26 17:55:34 2006:

Regarding #67; Hey!  I'm listed in there!


#71 of 128 by cross on Tue Sep 26 17:56:14 2006:

Yes.  But I think that's opening up a whole other can of worms.


#72 of 128 by tod on Tue Sep 26 18:15:10 2006:

re #69
Eleven roots does seem pretty extravagant.

re #68
I don't know squat about staff but as a user I would've guessed the root list
would be: gelinas, janc, mcnally, remmers, steve, and spooked
My assumption is based on visible participation of those folks on Grex.
Even so, six roots almost seems excessive.


#73 of 128 by cross on Tue Sep 26 19:23:54 2006:

Don't discount srw in that list.  He does a lot of down-and-dirty work
supporting users who write asking for help, and often needs root access to
do that (fixing mangled dot files, and things like that).


#74 of 128 by tod on Tue Sep 26 23:42:27 2006:

re #73
I don't doubt there are other active roots.  I was just relaying my impression
based on the staff folks I see in bbs.


#75 of 128 by cross on Tue Sep 26 23:44:43 2006:

Oh, okay.


#76 of 128 by arthurp on Sun Oct 1 04:17:30 2006:

I guess I'll preach for a while.

Does everyone remember from math that if a=b and b=c then a=c?

On a UNIX like system such as Grex giving root access for a few seconds
can result in myriad difficult to detect changes to the system.  Some of
these could be backdoor access, or data destruction.  I must say again
that these things can happen very quickly.  Perhaps tiny fractions of a
second.

Among staff it is pretty well known that STeve is particularly expert
and active with regard to security.

Given the above I would expect STeve to react quickly with sufficient
force to *ensure* reduction in security breach to any situation which
seemed to be a breach, and then continue to act to investigate, clarify,
gather evidence, and resolve the situation with coordination with other
staff and the Board.

As a Computer Security Specialist with clients that include Banks,
Universities, accounting firms, etc., I'll tell you that these are the
facts.

Now come my opinions.

STeve was correct with respect to his technical actions.  Perhaps he was
a little harsh with some of his words, but knowing what I know about
staff procedures as a former staffer myself, and seeing the wording used
in the discussion I see how in the situation STeve could have taken
things to be 'playing dumb'.  Not that I think that was happening, but
that he could have.  

With the above foundation about computer security I think that STeve did
things right.  That he didn't make any mistakes.  And that nearly all
the posts in this and other items amount to political powerplaying to
gather support for a position from people who have little to no
understanding of the details and methods of systems management.

The correct way to handle this would be between the parties concerned. 
That list would be:  Board; Staff; Cross; Spooked.  Any person schooled
in leadership and management knows this.  The motion to change the
wording of the relevant policy is a separate issue that rightly belongs
in COOP.  Since some people have chosen to step outside normal
management practices and engage in juvenile sympathy gathering I feel I
can no longer keep quiet on this and must explain some of the normal
practices for situations like this so that we might all behave with more
professionalism next time something happens that needs resolving.

Thank you STeve for trying so hard to keep Grex secure from all sorts of
security threats be they real active situations, abstract potential
eventualities, or possible vague incidents.


#77 of 128 by mcnally on Sun Oct 1 04:41:42 2006:

 re #76:
 >  On a UNIX like system such as Grex giving root access for a few
 >  seconds can result in myriad difficult to detect changes to the
 >  system.  Some of these could be backdoor access, or data destruction.
 >  I must say again that these things can happen very quickly.  Perhaps
 >  tiny fractions of a second.

 By that argument once cross had had root access it was much too
 late for STeve's revocation of root access to fix the problem.
 Your statement seems to me to be working at cross-purposes (no pun
 intended) to your argument.
  
 >  Among staff it is pretty well known that STeve is particularly
 >  expert and active with regard to security.

 It is?

 Without minimizing STeve's skills or his contributions to Grex,
 I'd have to say I'm not aware of any special expertise he has in
 this area.  He has strongly-held opinions on the subject and has
 a considerable body of experience as a professional sysadmin,
 but I don't agree that that's the same as "particularly expert."

 I've had a rather busy and stressful couple of weeks and can't
 recall at the moment if I've previously made my opinion on this
 incident clear but in my opinion mic made a relatively minor error
 in judgment and STeve acted in a way that I think speaks volumes
 about his attitude towards grex and towards other staff members.
 While I don't doubt that his intentions were to protect Grex from
 what he perceived as a threat, I think his actions demonstrate a 
 proprietary feeling towards Grex's admin privileges that I'm not
 entirely comfortable with.



#78 of 128 by arthurp on Sun Oct 1 05:18:22 2006:

STeve acted in response to an apparent security incident.  This requires
immediate and strong response.
Dan et al. did not.  The two situations are completely different and
not interchangeable.  What you are saying is that if I gain root somehow
and put my name in group wheel then it is too late for someone to revoke
my new rights as a member of staff.

How can so many people fail to understand the difference between system
administration and security response?  Again, system admin is a team
effort and is not time critical.  Security response is time critical
beyond the limits of most people's imagination which necessarily makes
it an individual effort.


#79 of 128 by mcnally on Sun Oct 1 05:42:51 2006:

re #78:
> What you are saying is that if I gain root somehow and put my name
> in group wheel then it is too late for someone to revoke my new rights
> as a member of staff.

If I cannot know for certain that your intentions are not malicious
then it is, in fact, too late for someone to effectively re-secure the
system simply by revoking your membership in the staff & wheel groups.
That's one reason I'm kind of puzzled by STeve's reaction.  On the one
hand if he didn't believe that mic and cross were out to harm the system
then his approach seems like a ham-handed overreaction.  On the other
hand if he did believe that mic and cross were a threat to the system
then the steps he took to "secure" grex after discovering the situation
(which wasn't particularly hidden to begin with) were totally inadequate.

> How can so many people fail to understand the difference between system
> administration and security response.  Again, system admin is a team
> effort and is not time critical.  Security response is time critical
> beyond the limits of most people's imagination which necessarily makes
> it an individual effort.

I've got an even worse problem -- I can't even understand what it is
you're trying to say above.

You appear to be arguing that in response to a security breach, immediate
action is required to restore the security of the system and that STeve
was therefore correct to act unilaterally without waiting for the board
to sort things out.  I don't particularly disagree with that if that's
what you're saying, but frankly what STeve did really doesn't begin to
come close to re-securing a breached system, about the only attackers it
would actually be effective against were people who weren't attacking in
the first place.


#80 of 128 by naftee on Sun Oct 1 06:15:18 2006:

i'm with mike.

re 76 You're acting as if this were a system where the board and staff total
about a hundred different technicians who don't know themselves that well.
GreX just isn't that.  It's a community where a lot of the staffers happen
to know each other in person.


#81 of 128 by spooked on Sun Oct 1 13:41:03 2006:

A couple of things, there was no security threat -- any non-moron can see 
this.

STeve's response was worse than my actions.  It was inappropriate, and 
quite frankly rude!

If I or Dan wanted to harm the system, it would have been done long ago.  
STeve's actions, and more important, his words - and lack thereof - since 
the episode have hurt Grex much more than me taking an innocent 
initiative.

Just my 2c.
 


#82 of 128 by other on Sun Oct 1 14:16:06 2006:

I think arthurp is misapplying a legitimate point.


#83 of 128 by cross on Sun Oct 1 20:48:10 2006:

Regarding #82; I agree with Eric.  Arthurp's argument doesn't fit this
situation particularly well.

And, with respect to #76; "juvenile sympathy gathering" - are you serious?


#84 of 128 by drew on Mon Oct 2 02:34:12 2006:

    I don't know how it is on Grex, but on my Linux system in the
sudoers man page I found a few options that may be of help here.
To wit:

Defaults
--------
       mail_always Send mail to the mailto user every time a users runs sudo.
                   This flag is off by default.

   Turn it ON.


       mailto      Address to send warning and error mail to.  The address
                   should be enclosed in double quotes (") to protect against
                   sudo interpreting the @ sign.  Defaults to root.

    This one should be set to a mailing *list*. The list should include
accounts held by all board and staff members on systems *other than
grex*. (I have a bunch of gmail invites if anybody needs some.) And for
good measure, add to the list an account on a machine on the same
network as the grex machine, in the same room, which is otherwise NOT
connected to the internet. (e.g., you have to go to the Co-lo building and
sit down at it to login to it.)


       logfile     Path to the sudo log file (not the syslog log file).  Set-
                   ting a path turns on logging to a file; negating this
                   option turns it off.

    Send this one, also, to another machine, via NFS or similar network
file sharing. Said system will be charged with the task of backing this
file up every 5 seconds  or whatever is appropriate, and|or otherwise
keeping it from being deleted or overwritten. (Allow append only.)

    In this manner, a user in group wheel can still do anything he likes,
including install back doors, and even stop sudo from keeping such logs.
But by the time he does, if the logs and notices get sent offsystem, the
cat will be out of the bag, and everyone will know who to hold responsible.

    Also, just for fun:

       lecture     This option controls when a short lecture will be printed
                   along with the password prompt.  It has the following pos-
                   sible values:

                   never   Never lecture the user.

                   once    Only lecture the user the first time they run sudo.

                   always  Always lecture the user.

                   If no value is specified, a value of once is implied.
                   Negating the option results in a value of never being used.
                   The default value is once.

       lecture_file
                   Path to a file containing an alternate sudo lecture that
                   will be used in place of the standard lecture if the named
                   file exists.


And one that especially appeals to me:

       insults     If set, sudo will insult users when they enter an incorrect
                   password.  This flag is off by default.



#85 of 128 by spooked on Mon Oct 2 02:57:49 2006:

I hereby wish to resign, effective immediately, from Grex staff.

There are a few main reasons for my decision:

(1) Good judgement and initiative are discouraged.  Autocratic, zealous, 
    egotistical behaviours are favoured.
(2) Very little good work is done by Grex staff, because of the 
    repercussions and discentive caused by (1).
(3) Grex (and particularly the one or two staff who spoil staff) are 
    backward thinking - exaggerating their own personal importance, and 
    having no vision or passion for a better Grex.  
(4) I find the sheep on staff who follow the zealots on staff (because 
    they have no conviction or vision of their own) pathetic.

I will now remove myself from groups staff and wheel.



#86 of 128 by nharmon on Mon Oct 2 03:02:04 2006:

So who does that leave us with?


#87 of 128 by naftee on Mon Oct 2 03:05:56 2006:

steVE.

This is indeed sad news.  It sucks that you've left, spooked.


#88 of 128 by tod on Mon Oct 2 03:21:46 2006:

Thanks for your time, spooked.  I appreciate your and Mike's opinions and hope
both of your opinions continue to be voiced.


#89 of 128 by spooked on Mon Oct 2 03:25:50 2006:

Just to leave no doubt about my wording in (1) by zealous (being a zealot) 
I mean an extremist, a crank and a bigot (not to be confused with 
enthusiastic and positive visionary intent).



#90 of 128 by tod on Mon Oct 2 03:30:24 2006:

I think "discentive" was the clearest one word explanation.  In a better
world, the Board of Directors would recognize these gentlemen and give them
a formal thank you up to and including a certificate of participation and
thanks as well as an annual membership at no cost.  I don't think I'm out of
line at suggesting this.


#91 of 128 by spooked on Mon Oct 2 03:45:42 2006:

disincentive -- better?

Not sure what you mean in resp:90 Tod.



#92 of 128 by tod on Mon Oct 2 03:55:30 2006:

re #91
Well Mic, I'm referring to the recent events.


#93 of 128 by spooked on Mon Oct 2 06:27:59 2006:

I don't think any money or free bonus should be given.

It should and would be a pleasure working on staff if certain staffers 
wouldn't spoil it for everyone - current and wannabes.



#94 of 128 by tod on Mon Oct 2 16:57:49 2006:

re #93
Mic, I think everyone interested in Grex would probably like to see staff
given a bit of recognition after volunteering for a period of time.  I
understand it's not what motivates a person to be on staff (or I would hope
that wouldn't be the case.)


#95 of 128 by keesan on Mon Oct 2 18:17:24 2006:

Would an apology from a certain staffer help to persuade a couple of other
staffers not to resign?  


#96 of 128 by tod on Mon Oct 2 19:07:46 2006:

I think this is the sort of notable situation that requires Board involvement.


#97 of 128 by cross on Mon Oct 2 19:30:11 2006:

Two staff members resigning in a single day.  Yeah, something is definitely
rotten in the state of grex.


#98 of 128 by spooked on Tue Oct 3 22:06:38 2006:

I feared an apology would be beyond the man - I said this way back.

It has proven correct. 

Again, pompous - managerial smuck.




#99 of 128 by mcnally on Tue Oct 3 23:31:49 2006:

 Although I think some things about the way staff works could
 be changed to help encourage more participation from other
 potential staff members and although I think the recent 
 incident could have been handled much better, I do not feel
 personally offended by anything that happened and would not
 be moved to reconsider by an apology when no offense was
 offered me.  Mic's entitled to feel differently, of course,
 and I expect he does -- his situation is totally different..

 As for my own reasons -- I promise I'll try to explain them
 later, but right now my time is limited by circumstances in
 my personal life (which is, itself, one of my major reasons.)

 In the meantime I would appreciate it if people would not use
 my departure from staff as an extra club to beat up on STeve
 because although I disagree with him in some cases about how
 the system should be managed (as is only natural -- different
 people have different approaches..) my decision is not primarily
 motivated by those differences of opinion.



#100 of 128 by spooked on Wed Oct 4 00:02:36 2006:

Well said Mike.  Take your time, mate.




#101 of 128 by cross on Wed Oct 4 00:22:01 2006:

Fair enough.


#102 of 128 by keesan on Wed Oct 4 04:03:55 2006:

Spooked, if enough of us ask you nicely would you reconsider resigning?


#103 of 128 by spooked on Wed Oct 4 05:09:12 2006:

Thanks keesan...  

All I want is an apology.  I'm a very stubborn person - when I have been 
treated poorly I don't ask much except for a 'sorry'.  



#104 of 128 by keesan on Wed Oct 4 15:05:16 2006:

I can understand how you would be reluctant to continue working with someone
after being yelled at.  Do you think an apology would make this sort of thing
less likely to happen again?  Probably STeve was under some sort of stress
at the time, such as poor health, too much work, etc.  Is it possible that
you were partly at fault and could apologize for that first?  (I did not
really follow the whole case).  Some people find it more difficult to
apologize.


#105 of 128 by tod on Wed Oct 4 19:07:30 2006:

I don't think spooked needs to apologize for trying to update Grex's anciently
obscure modules which had been hashed over in discussion in the garage
conference amply beforehand.  STeve just flipped out because spooked had cross
(former staffer and considerably trustworthy) assisting with a root level
capability.  The truth is that there needs to be some sort of formal process
to ensure other staff people are in the loop..and for that to happen (in a
timely fashion) then some people are just going to miss the boat.  It was
assumed the garage conference was that venue but not according to STeve and
others.


#106 of 128 by cross on Wed Oct 4 19:16:53 2006:

It would seem that we assumed incorrectly.  Okay.

Still, Steve's reaction and treatment of other parties could have been a
little friendlier.  I don't think that people should have to crawl around
begging for apologies.  If one cannot be had, and it was truly deserved then
that tells you something about the nature of grex's staff.

In this case, I do believe Mike deserves an apology.  Even if Steve felt his
actions were justified, I still think he was unjustifiably caustic with his
approach and subsequent lack of communication (though, to give the benefit
of the doubt, maybe the latter is just due to lack of time).  Moreover,
apologizing for his demeanor wouldn't be invalidating his position, but
rather just acknowledging that other parties were offended.  It would just
be saying, "Hey, I still think I was right, but sorry if the way I went
about it offended you...."

Probably, spooked resigning is a symptom of a larger problem (I haven't been
on staff for a few months, so I don't *really* know).  But if that were the
case, instead of treating that symptom, one should look to treat the problem
itself.

Mike McNally said he had other reasons for resigning.


#107 of 128 by tod on Wed Oct 4 19:58:46 2006:

I wouldn't be surprised if Mike split from staff because everybody is
squabbling and his heart just isn't in it.  I'm sure there are schedule
conflicts and other stuff, too..but I'm getting the vibe that something
positive needs to happen with staff soon up to and including some leadership
that isn't perceived as part of "the old guard."


#108 of 128 by spooked on Wed Oct 4 20:48:00 2006:

I would not be surprised either if that's a big factor for Mike.

Talking from how I feel personally...
I want to be in a team that works AS A TEAM!  When it feels more like a 
dictatorship - and, worse still, you are not respected and not given an 
apology (as Dan has said, an apology does not necessarily suggest one 
person was more right/wrong than anyone else) it is demoralising and 
counterproductive.
I do not volunteer to staff for monetarily or status rewards!!  I only ask 
for some decency and that includes basic human respect.  

I do not want to cause problems, and I do not believe I am radical -- or 
am I missing something?


#109 of 128 by spooked on Wed Oct 4 20:50:27 2006:

eh, monetary


#110 of 128 by tod on Wed Oct 4 20:54:07 2006:

 am I missing something?
I think you pretty much said it.


#111 of 128 by cyklone on Wed Oct 4 23:25:01 2006:

If this were a Disney movie, shouldn't this be the part where the grumpy 
old junkyard owner takes pity on the poor little kid with the hard luck 
life and teaches that kid everything he knows about the junk business?


#112 of 128 by tod on Wed Oct 4 23:25:48 2006:

This is the part where Ben Vereen teaches Kunte the chicken dance.


#113 of 128 by spooked on Thu Oct 5 02:13:43 2006:

I know all about a hard life.  That's why I work when people sleep, so one 
day I may rest easier.  However, regardless of where I end up, I'm very 
proud of the work I do and I enjoy it.  And, I would never take a 
managerial position - I prefer earning my money.



#114 of 128 by naftee on Thu Oct 5 05:24:23 2006:

i rather like sleeping through morning rush hour


#115 of 128 by tod on Thu Oct 5 06:28:40 2006:

I like writing policies, standards, protocols, and books.  Not only does it
allow me to meet interesting people but lunch is included.


#116 of 128 by nharmon on Thu Oct 5 13:20:39 2006:

Todd is all about the claimed-non-existent free lunch.


#117 of 128 by spooked on Thu Oct 5 13:40:48 2006:

Policies, et al. - I produced a 340 page thesis so the next book I write 
will be more philosophical.



#118 of 128 by tod on Thu Oct 5 21:15:47 2006:

re #116
I also am kind of a sucker "for the good of the Order"


#119 of 128 by albaugh on Tue Oct 10 22:37:16 2006:

No, this is where Ben Vereen starts singing "Goodbye my life, goodbye."
(All That Jazz)


#120 of 128 by lar on Fri Oct 13 16:08:29 2006:

Alright...so what's the story?
Did steve apologize?
Did cross ever get to complete his changes.
Did spooked's resignation stick?

*Note*
Someone needs to update the web page because it looks like cross is on 
staff to me...


#121 of 128 by cross on Fri Oct 13 16:09:15 2006:

No, No, and Yes, respectively.


#122 of 128 by naftee on Sat Oct 14 00:03:46 2006:

 :( to all


#123 of 128 by gelinas on Sat Oct 14 01:10:41 2006:

The Stafflist isn't the only thing that needs updating, but it's as good a
place as any to start, I guess.


#124 of 128 by cross on Sat Oct 14 02:22:34 2006:

Lots of things are out of date: /etc/group, for instance.


#125 of 128 by tod on Sat Oct 14 17:35:18 2006:

And password hashing...


#126 of 128 by gelinas on Sun Oct 15 00:26:54 2006:

Password hashing isn't "out of date," it's just "not standard."


#127 of 128 by cross on Sun Oct 15 00:30:06 2006:

I guess that depends on how you define ``out of date.''  Grex's password hash
is based on SHA1, about which there is some speculation that it has
``interesting'' properties that would make the algorithm slightly dated.


#128 of 128 by null on Mon Mar 12 08:29:49 2007:

Are we there yet?

