|
Grex > Coop > #299: Discussion of newuser. | |
|
| Author |
Message |
| 25 new of 85 responses total. |
kentn
|
|
response 46 of 85:
| 
Dec 12 14:51 UTC 2010 |
It's helpful to show support, Joe. Thanks!
|
tsty
|
|
response 47 of 85:
|
Dec 13 17:04 UTC 2010 |
re 45 ... what gelinas said.
re 43 ... ummm, newuser process prompts new-loginid to create a passwd.
then why email that pasaswd to new-logoind's alt email addrs? or does
the newuwer process wipe out new-logoind's self-created passwd, assign a new
passwd and then email that onwe ?
as of now, i can see every bad reason to email passwds and no good ones.
charlie == charlie root ... from whom we (both??) eget daily emails. eh?
|
cross
|
|
response 48 of 85:
|
Dec 13 17:09 UTC 2010 |
resp:43 Are you talking about the captcha? That's not the user's password.
|
tsty
|
|
response 49 of 85:
|
Dec 14 02:58 UTC 2010 |
putty now has a capthca ???? i;ll have to look at teh web version again.
|
remmers
|
|
response 50 of 85:
|
Dec 14 17:08 UTC 2010 |
I like the email and captcha features in pnewuser. They're definitely
in line with common practice nowadays.
Hm, a while back I think I said I was going to post suggestions on what
newuser should say in its dialog with the user. Well, I'm on vacation
now so that's been pushed back a bit, but I'll try to get on it once I'm
home.
Speaking of dialog, one of the features of the Marcus Watts newuser was
that messages newuser put out were stored in plain text files editable
by non-programmers and read by the program at runtime. That's a nice
configurability feature. I realize that pnewuser is written in Perl, so
that's less of an issue, but I think it would be desirable to be able to
configure pnewuser's messages without touching the source code.
|
kentn
|
|
response 51 of 85:
|
Dec 14 19:00 UTC 2010 |
I went through the current command line newuser the other day, and saw
the captcha feature, too (it looks like figlet lettering). The email
feature worked nicely. It gave me the temporary password and told how
to log in via ssh, which is a good thing. When I used the password to
log in, it immediately had me change it so the user gets to use their
desired password (also a good thing). What I had trouble finding,
though I may have missed it in all the text that flowed by, was how
to get validated. That probably should be part of the resh allowed
commands list so that users will find it right away, and part of the
instructions when you log in if you are a resh user. Again, I may have
missed it, but it wasn't immediately obvious to me.
|
veek
|
|
response 52 of 85:
|
Dec 14 19:09 UTC 2010 |
is the src available for viewing? we could modify it to make sure users
understand the risks.. seen that in eclipse.cs.pdx.edu:7680, it's a
MUD. They ask the users a lot of questions that they have to get right,
before they are allowed into the main area. eg: Dear user, is it safe
for you to use the same password to signin to Grex, that you would use
at your bank web-site? and he would have to answer no.. stuff like that
given the privacy issues we now face.. it would give us a bit of
leeway.
|
nharmon
|
|
response 53 of 85:
|
Dec 14 19:18 UTC 2010 |
I too tested the command line new user recently and liked it a lot.
|
veek
|
|
response 54 of 85:
|
Dec 14 19:30 UTC 2010 |
resp:52 nm found it
|
cross
|
|
response 55 of 85:
|
Dec 15 00:48 UTC 2010 |
I am typing on my phone, so excuse the brevity. All the text is still in text
files. Source is in subvversion. It probably needs a soak.
|
tsty
|
|
response 56 of 85:
|
Dec 15 01:12 UTC 2010 |
i am -elated- taht newuser text&html have had the cross-soak applied.
that it took this much rancor to get there .. well, someitmes it does.
tnx cross & testers.
|
cross
|
|
response 57 of 85:
|
Dec 15 16:39 UTC 2010 |
Web newuser is still broke.
|
kentn
|
|
response 58 of 85:
|
Dec 15 16:44 UTC 2010 |
But on our collective list to get fixed Real Soon Now.
|
cross
|
|
response 59 of 85:
|
Dec 15 16:46 UTC 2010 |
True dat.
|
tsty
|
|
response 60 of 85:
|
Dec 15 17:50 UTC 2010 |
jsut di d the web thing this time/date:
Error in Account Creation
Your application for an account on Grex has not been processed due to a system
problem.
* Could not access directory /usr/noton/nu/
Sorry.
|
tsty
|
|
response 61 of 85:
|
Dec 15 17:51 UTC 2010 |
however i did notice this selectable option:
Privacy: Who may see the information in
this section of the form?
All users.
Grex staff
only.
validate necessitates, sometimes, 'grex staff only'.
i;ll try the cli version
|
tsty
|
|
response 62 of 85:
|
Dec 15 17:59 UTC 2010 |
he captcha -is- case sensitive ... that needs to be -clear-.
|
tsty
|
|
response 63 of 85:
|
Dec 15 17:59 UTC 2010 |
re 57 ... oops didin;t see that .. my bad.
|
cross
|
|
response 64 of 85:
|
Dec 15 18:14 UTC 2010 |
resp:61 That has NOTHING to do with validation. That's just managing a
user's expectations so that they understand that staff *can* read their files;
that doesn't mean that staff *should*.
|
richard
|
|
response 65 of 85:
|
Dec 15 22:07 UTC 2010 |
sounds like the issue is that too many staffers have root access.
Change the root pw and declare that one, and only one person, has that
access. Designate one person the root staffer. This eliminates issues
like what was being discussed with TS. Most staff work doesn't require
root does it?
|
cross
|
|
response 66 of 85:
|
Dec 16 09:58 UTC 2010 |
No, it does not. But it's useful to have multiple people with root. The
issue is what to do when that access to abused.
|
richard
|
|
response 67 of 85:
|
Dec 16 10:24 UTC 2010 |
No the issue is whether the usefulness of having multiple staffers with
root outweighs what to do when that access is abused. I want to know if
Cross would accept root access being limited across the board, including
possibly himself, as opposed to banning staffer he doesn't like.
|
richard
|
|
response 68 of 85:
|
Dec 16 10:26 UTC 2010 |
Or better yet, if Cross is so concerned with TS having root access,
would he as a trade off, be willing to agree to give up his own root
access in exchange for TS losing his? If he were willing to do that, it
would lend more credence to his claims.
|
jep
|
|
response 69 of 85:
|
Dec 16 16:25 UTC 2010 |
Richaqrd, Dan needs root because he is the primary system admin.
|
richard
|
|
response 70 of 85:
|
Dec 16 19:49 UTC 2010 |
This response has been erased.
|