|
Grex > Coop > #39: Member Proposal: Create Three Classes of Grex Accounts: Users, Community Users, Validated Users |  |
|
| Author |
Message |
cmcgee
|
|
Member Proposal: Create Three Classes of Grex Accounts: Users, Community Users, Validated Users
|
Aug 7 00:12 UTC 2007 |
There would be three classes of accounts:
User Account: No Internet access. Can send and receive mail only to
local Grex account, use Unix shell, participate in party and the
conferences.
Community User Account: Full E-Mail. Users can send and receive email
from or to any address.
Validated User Account: Full net access. Full access to the Internet,
including telnet, ssh, ftp and http.
All new user accounts would be created in the User class.
Promotion from the User class to Community Users class would be by
responding to a email sent by a Grex Helper which asked the user to
identify where or how they found out about Grex.
Promotion from Community Users to Validated Users would require the same
validation that is currently required for membership, either a photocopy
of a government or school issued ID that contains the person's photo, or
by a $1.00 payment through Paypal.
Once an account was Validated, it would not need to be revalidated.
Validated User accounts that had not been active for more than a year
could be reaped at the end of that time. Becoming a member would be
sufficient, but not necessary for becoming a Validated User.
|
| 150 responses total. |
maus
|
|
response 1 of 150:
|
Aug 7 00:37 UTC 2007 |
I would support that.
|
cmcgee
|
|
response 2 of 150:
|
Aug 7 00:40 UTC 2007 |
First edit:
Change line 1 to read there would be
|
cmcgee
|
|
response 3 of 150:
|
Aug 7 00:43 UTC 2007 |
First Edit:
Replace "There would be" in then first line with "There shall be"
|
nharmon
|
|
response 4 of 150:
|
Aug 7 01:49 UTC 2007 |
I support this.
|
cross
|
|
response 5 of 150:
|
Aug 7 02:09 UTC 2007 |
I support this.
|
unicorn
|
|
response 6 of 150:
|
Aug 7 02:37 UTC 2007 |
May I make a suggestion? I think access to compilers and interpreters
(except for the shells, of course) should be restricted to validated
users. This would prevent many of the attacks that come from the inside.
Are there any non-shell scripts (e.g. perl or python) that are essential
for non-validated users?
|
mary
|
|
response 7 of 150:
|
Aug 7 03:19 UTC 2007 |
I'll go a bit further and suggest there be some speed bump to people being
able to POST to the conferences. Not necessarily social validation, but
something that would require Grex sending mail to the user and getting a
response back. This is a pretty standard expectation out there for good
reason. Sad but true.
|
unicorn
|
|
response 8 of 150:
|
Aug 7 03:28 UTC 2007 |
Along with my suggestion in #6, you might have to prohibit non-validated
users from being able to upload precompiled programs from elsewhere, too.
Or is there a way to prevent programs from running from the user's home
directory that I'm not aware of?
|
maus
|
|
response 9 of 150:
|
Aug 7 03:44 UTC 2007 |
resp: #8
You could put unvalitated users' home directories in a folder on another
slice, and mount that slice noexec. Part of the "turning up" script that
is run when they are validated would migrate their home directory to
/home (or /users or /export/home or /a or /c or wherever we are putting
users' directories).
|
maus
|
|
response 10 of 150:
|
Aug 7 03:48 UTC 2007 |
resp: 9
I forgot a couple of things. Warn users to use ${HOME} instead of
hard-coding something like "/export/home/m/a/maus".
You could update newuser to only give the choices of party or rksh or a
menu and this would also limit the damage. Maybe part of the validation
email would require the user to pick a shell from a broader list (like
full ksh or bash or tag-c-shell) if they want.
Or send the two big, mean leather-dykes named Guido (Hi, Guido) to rough
up anyone who intentionally tries to break grexserver.
|
cmcgee
|
|
response 11 of 150:
|
Aug 7 04:14 UTC 2007 |
Could I have some proposed wording changes here, please?
|
cmcgee
|
|
response 12 of 150:
|
Aug 7 04:28 UTC 2007 |
The wording changes need to be to the above proposal. Please
distinguish between policy and what staff would have to do to implement
the policy.
We do not need to include directions to staff on how to make it happen.
Only what we want to see as a result of staff actions.
|
cmcgee
|
|
response 13 of 150:
|
Aug 7 04:48 UTC 2007 |
Mary, I'm with you, and think we should remove the ability to
participate in conferences from User to Community User.
Unicorn, could you give a suggested wording that would put "access to
compilers and interpreters other than shells" into the Validated User
group. Is that sufficiently precise that a staff member could implement
it? How would you word "upload precompiled programs" if it needs to be
a separate policy? Or is there a wording that would give staff the
go-ahead to do what you and maus are suggesting?
|
unicorn
|
|
response 14 of 150:
|
Aug 7 04:53 UTC 2007 |
Well, for my suggestions, the first and third sections could read as
follows:
User Account: No Internet access. May not compile programs or run
user-written scripts except shell scripts. Can send and receive mail
only to local Grex account, use Unix shell, participate in party and
the conferences.
Validated User Account: Full net access. Full access to the Internet,
including telnet, ssh, ftp and http. May compile programs and run
user-written scripts.
|
unicorn
|
|
response 15 of 150:
|
Aug 7 05:01 UTC 2007 |
cmcgee, your response slipped in ahead of mine. I think that "May not
compile programs" would imply that uploading precompiled programs is
also forbidden. Or do you think it needs to be explicitly spelled out?
|
unicorn
|
|
response 16 of 150:
|
Aug 7 06:05 UTC 2007 |
Maybe this would be clearer:
User Account: No Internet access. May not compile programs or run
user-installed programs or scripts except shell scripts. Can send
and receive mail only to local Grex account, use Unix shell,
participate in party and the conferences.
Validated User Account: Full net access. Full access to the Internet,
including telnet, ssh, ftp and http. May compile programs and run
user-installed scripts.
Changing "user-written" to "user-installed", and adding "programs" in
the first case should make it clear that compiling elsewhere and
uploading is also forbidden.
|
remmers
|
|
response 17 of 150:
|
Aug 7 13:57 UTC 2007 |
I endorse bringing this to a vote.
(And suggest that folks consult the bylaws regarding timelines &
endorsement requirements.)
|
vivekm1234
|
|
response 18 of 150:
|
Aug 8 03:12 UTC 2007 |
I loved the origianl draft (#0) - don't like the modifications! A LOT of
people use Grex to code and don't want to waste time on party and the BBS.
Our offenders are a few well known pests, why force the large mjaority of shell
users to suffer our community needlessly <g>. In any case noexec won't solve
the problem, they'd just put the stuff in /tmp.
|
unicorn
|
|
response 19 of 150:
|
Aug 8 03:51 UTC 2007 |
Well, noexec could just as easily be used on /tmp, couldn't it? And
I'm interested in how you know that a lot of people use grex to code
if they don't spend time in party and the BBS to tell you about it.
Besides, nothing's stopping people who want to code on grex from getting
validated so they can do so. It won't cost them anything, after all.
|
maus
|
|
response 20 of 150:
|
Aug 8 04:08 UTC 2007 |
A standard practice should be to have /tmp and /var/tmp nosuid,noexec
for precisely this problem. Requiring validation does not introduce an
unreasonable barrier to being able to write and execute custom codes,
but does provide a control to deter pests.
|
cmcgee
|
|
response 21 of 150:
|
Aug 8 04:43 UTC 2007 |
vivek, I'm curious about what impact you think validation would have on
the users you are talking about.
|
vivekm1234
|
|
response 22 of 150:
|
Aug 8 10:52 UTC 2007 |
This response has been erased.
|
vivekm1234
|
|
response 23 of 150:
|
Aug 8 12:31 UTC 2007 |
This response has been erased.
|
vivekm1234
|
|
response 24 of 150:
|
Aug 9 03:50 UTC 2007 |
Re #21: people may leave.
|