Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Threaded View
Accumulo, mail # dev - [DISCUSS] Accumulo Bylaws


Copy link to this message
-
Re: [DISCUSS] Accumulo Bylaws
Christopher 2014-02-21, 00:00
I don't agree that it's just a matter of trusting committers to keep
their accounts secure. It's also the project's responsibility to keep
the project's repositories secure, and I think it's a matter of
routine security.

An inactive committer may not think to change their ASF credentials in
the case of laptop theft, or some other exposure. And, what about in
the case of death (it happens)... should those credentials have
indefinite access? However, since it should only be done as a security
precaution for inactive users (if at all), I don't think it's a matter
of requesting write-access again... it's really a matter of demanding
it. Asking is polite, but the expectation should be that it be
re-enabled, as a requirement... since it was only done as a matter of
routine security, and not because that committer's privileges are in
question.

I don't have a strong opinion that we enact such a policy for inactive
committers, but if we do, I think it has merits beyond trusting
individuals with keeping their personal credentials secure.

Also FYI, "concensus" spelled correctly is "consensus".

Christopher L Tubbs II
http://gravatar.com/ctubbsii
On Tue, Feb 18, 2014 at 5:08 PM, Josh Elser <[EMAIL PROTECTED]> wrote: