|
Grex > Coop13 > #366: Minutes from Grex Board of Directors Meeting, September 26, 2006 | |
|
| Author |
Message |
slynne
|
|
Minutes from Grex Board of Directors Meeting, September 26, 2006
| 
Sep 27 04:02 UTC 2006 |
Grex Board of Directors Meeting: September 26, 2006
Board Members in Attendance: Mark Conger, Lynne Fremont, Joe Gelinas,
Bruce Howard (by phone), Larry Kestenbaum, John Remmers, and Jan Wolter.
Non Board Members in attendance: Steve Andre, Mary Remmers, Marcus
Watts, drew
OPENING GAVEL TAP
1. Treasurer s Report:
In August we took in $240 and spent $150. We had two new members in
August. So far in September, we have taken in $680 mostly because one
user who has been a big donor in the past purchased a 10-year
membership. There are currently 52 members with 40 paid up. Mark passed
around some State of Michigan paperwork to be filled out by board
members with full names and addresses.
2. Staff Report
We have had a lot of up time lately and mostly Grex has been up. There
are users who are using pearl and C programs to attack other sites. They
often use a program called UDP.PL. It is a program that works on port 80
to attack other sites. It may be necessary to disallow access on port
80. There also continue to be many attempts to break into Grex. We are
off the KVM at provide.net. We may want to consider getting a monitor
and keyboard to keep at provide.net After recent crash, Grex came up all
on its own or maybe with intervention from provide.net staff.
3. Root-granting policy and staff initiatives
Steve reports that he was online and noticed that staff member mic was
editing a ulist so he went to staff.cf and discovered that user cross
was in the ulist for that conference. Then he saw that mic put cross in
the wheel so that cross could work on the password file. At that point
Steve took root access away from both mic and cross. Mic told Steve that
giving cross root access was something discussed in the garage.cf.
The board generally agrees that the main issue is mic giving cross root
access when our policy is to give root only in emergencies
Mark Conger suggested that we should give mic root access back after
further clarifying the policy to him. Mark is pleased to see people
taking initiative.
Some concerns were expressed about the risks involved with working on
the password files. Jan Wolter said that he believed that cross is very
capable and has the technical expertise to take on that task. However,
working on the password files is not an emergency.
There was some discussion about what the board should do about this
situation. Generally the board wishes to encourage initiative but with
caution. The board reviewed the root policy and believes that the policy
is adequate as written.
MOTION: The board values mic and his many contributions to Grex over the
years. The board appoints Mark Conger to discuss policy with mic. The
board gives Mark Conger the authority to re-enable mic s root access.
Moved by Jan Wolter. Seconded by John Remmers. Passed unanimously
4. Old Business
The web contest has a winner. Since there was only one entry there will
be no vote. Slynne will announce winner in agora.cf and will email
samples of web pages to staff. A prize of one year s membership will be
awarded.
5. Next Meeting - 8p Thursday, October 26 at Zingerman s or Mark
Conger s house if Zingerman s is unable to reserve a private room for us
or is not open late enough.
6. New Business
Steve says that we recently had an attack on port 80 that caused
provide.net to take us off the network. Peter at provide.net told Steve
that he was able to stop the attack by black holing packets destined for
Grex. Staff are reviewing many different possible solutions to this
potential future problem. Steve is going to talk to John at provide.net
about this issue. He will also talk to him about some issues we have
with outbound access on port 80
There have been a lot of outbound attacks on port 80. We may have to
consider limiting access to port 80 either by eliminating all access to
newusers or limiting the number of outbound packets.
Mark Conger read the following from coop item 364 response 28:
-------------------------------------------------------------------------
------------------------ nharmon Nathan Harmon response 28 of 41:
Sep 25 19:53 EDT 2006
I just think that more and more people fall into this "I am just a
volunteer" mentality because of the present way staff is organized. And
this is usually helped by instituting order on a professional level so
that instead of being "just a volunteer" you become an "unpaid
professional".
I've volunteered in a lot of organizations, most of which simply did not
accept the answer of "look, I m just a volunteer". I mean, if my CAP
commander called for my availability for SAR sorties, what would I say..
"Gee Major, I don t really feel like flying today, uh, besides im justa
volunteer"? It'd be the last thing I said. Or when I was on a volunteer
fire fighter. Do you think those guys blew off their responsibility? No
way. Or when I taught CPR/First Aid/AED for the Red Cross...what if I
just said "nah, im just a volunteer, ill just not show up at that
class". Yes, you can fire a volunteer, and the Red Cross doesn't have
any problem with doing so.
Now you might say "Gee Nathan, thats different, we're just an
organization on the internet". And I say that is exactly the attitude
you should NOT have. Board of Directors, how many times do you sit down
and think "what is grex NOT doing to promote free speech and free access
on the internet that we COULD be doing right now?" I mean, looking at
the BoD minutes...(this is just my opinion, not trying to be
offensive)...the BoD spends WAAY too much time micromanaging Grex. I
mean, discussion of the PC weasel? You should be discussing
GOALS...planning on how you can better accomplish your mission
statement. Forming committees for initiatives. Need an
initiative?...here is one: What is Grex doing to help promote a neutral
internet?
I say you people need to THINK BIG. Not about becoming big in size, but
rather big in impact. Grex is supposed to be about much more than just
running a BBS.
--------------------------------------------------------------------
Mark would like the board to consider this and perhaps spend some time
thinking about what we want Grex to be. What is the purpose of Grex? We
will discuss this at next meeting.
CLOSING GAVEL TAP
|
| 61 responses total. |
cross
|
|
response 1 of 61:
|
Sep 27 04:37 UTC 2006 |
I don't believe I'm mistaken in thinking that the removal of a board approved,
permanent staff member's privileges by another staff member was supposed to
be on the agenda for tonight's board meeting. In particular, I'd requested
that the board investigate formalizing a policy for such things; since it's
not addressed at all by the current root access policy, surely the minutes
don't imply that the current policy is sufficient to cover that issue? The
granting *of* root access, maybe (I've stated my arguments here several
times). But I'm talking specifically now about the *revocation* of those
privileges without prior board approval.
|
aruba
|
|
response 2 of 61:
|
Sep 27 05:34 UTC 2006 |
Thanks for posting the minutes so quickly, Lynne.
I think the consensus of the board was that a staff member needs to be
able to act in the best interests of Grex when he feels the system is
threatened.
In the current case, the dust has now settled, and we can go about
resolving the issue. I have written to Mic about it, and we will sort it
out.
|
cross
|
|
response 3 of 61:
|
Sep 27 11:35 UTC 2006 |
Surely Steve didn't feel that Mic was a "threat" to grex. I wouldn't be
surprised if Mic just quits in disgust.
|
other
|
|
response 4 of 61:
|
Sep 27 13:18 UTC 2006 |
If STeve had pulled cross' access, explained why to mic, and asked mic
not to re-extend that access without discussion, and if mic had been
intransigent about it, I would understand STeve's action in pulling
mic's access. It is a judgement STeve had to make about the threat to
Grex. I think policy is a good guide to judgement in just such a
situation, and there is no policy that says basically "because we have
set up a system to very carefully select trustworthy persons to be
staff, do not revoke another staff member's access unless they are doing
something immediately harmful to Grex which can only be stopped by
removal of that access, or if they otherwise demonstrate that they have
gained staff privileges under false pretenses and harbor ill intent
towards Grex. Also, in the event staff privileges are revoked in a
judgement call, should that judgement be shown to be either incorrect or
over-harsh, privileges should be restored as soon as possible in order
to retain the good will of all of the qualified volunteers of whom we
have asked service in a staff capacity."
|
janc
|
|
response 5 of 61:
|
Sep 27 15:04 UTC 2006 |
Hmmm...maybe that issue needs a bit more thinking about.
The board was unanimous in thinking that Mic's grant of root to Dan was
improper from a procedural point of view. But there was no ill intent
and no harm done, so we really weren't especially upset.
We didn't really discuss STeve's yanking of Mic's root.
I'm not sure whether or not I would have done the same thing in STeve's
shoes. He saw Mic giving Dan root, didn't know why or what was going
on, so he acted to shut it all down. Completely understandable.
But what is the policy on roots removing root access from other roots?
If Mic had got the the /etc/group file first, would it have been OK for
him to yank STeve's root access?
I don't think that the board is going to want to take any further action
on this particular incident, but maybe we should give at least some
consideration to whether there should be some sort of policy on roots
yanking root from other roots.
Only I can't think of what that policy would be. If you want to
formally authorize it under any circumstances, then you really need to
establish a formal hierarchy of roots. After all, it is only going to
happen when two roots disagree, and then you have to decide who has the
authority to boot whom, which means a hierarchy.
I don't think we want a hierarchy.
Lacking that, then the only real way the board can address this is by
working with staff to find ways that staff can do a better job of
communicating with each other, so that we can all get on the same page
before we start sudo-ing. The board DID discuss that, though we didn't
really draw much of any conclusions. This whole incident really speaks
of a communication breakdown among staff more than anything else, and we
do need to work on that.
But communication has gotten a lot harder. We used to have monthly
staff meetings. But several of our staff are now pretty far apart.
Should we do conference calls or something instead? Many of the staff
(including me) are sufficiently distracted that we don't communicate
very well at all.
|
jep
|
|
response 6 of 61:
|
Sep 27 15:09 UTC 2006 |
I would sure like to see everyone take a break from this issue for a few
days. Maybe it'll settle down a bit and everyone can treat it in a more
reasonable manner. It seems to me like a series of overreactions, with
each person pushing things just a little further away from where they
should be.
I am happy Mark will be talking with Mic about what happened. I expect
and hope he'll be able to smooth things over with Mic.
This all seems to me like an electronic pushing match between Dan and
STeve, more than anything. Personally I respect and admire both of
these gentlemen. I wish they felt that way about each other.
There is one discussion which has happened in 3 items now that I know
of, and maybe a couple more that I haven't been following. That's not a
good way to get a reasonable settlement for a disagreement.
|
tod
|
|
response 7 of 61:
|
Sep 27 16:54 UTC 2006 |
This all seems to me like an electronic pushing match between Dan and
STeve, more than anything.
I think it was a cop-out to ignore the fact that STeve yanked mic's access
without explanation. Its also a misrepresentation to present the password
hash standardization as "not an emergency". If the informal stance of staff
and the board is that nothing will be improved upon unless its an emergency
then say it. Don't waste staff volunteers' time by letting them think they
can improve the system when the truth is that they can't do anything without
prior written approval by self appointed capo de tutti capo staffers.
It is pretty transparent that there is a trust issue at the root of this
problem.
|
eprom
|
|
response 8 of 61:
|
Sep 27 17:37 UTC 2006 |
> I think it was a cop-out to ignore the fact that STeve yanked mic's
> access without explanation
cronyism.....pure and simple.
|
tod
|
|
response 9 of 61:
|
Sep 27 17:46 UTC 2006 |
I don't think Jan is the crony type. I'm assuming he doesn't know that
spooked was basically treated like dirt.
|