[Mageia-sysadm] Login blacklist on identity

Michael Scherer misc at zarb.org
Thu Feb 10 16:52:02 CET 2011


On Thursday 10 February 2011 at 16:35 +0200, Anssi Hannula wrote:
> On 10.02.2011 16:28, Michael Scherer wrote:
> > Hi,
> > 
> > While thinking about setting up email aliases, I realized that if we are
> > gonna offer aliases to various people, we should maybe forbid certain
> > logins from being registered, like press, contact, president, so they do not
> > clash in the future.
> > 
> > Is there anything to add to that list:
> >  contact   -> already used on the current website
> >  press     -> the same
> > 
> >  president -> could be nice to have
> >  secretary -> ditto
> >  treasurer -> ditto
> > 
> > security ? 
> > 
> > The goal is not to be exhaustive, just to prevent stuff that is easy to
> > avoid. The goal of the blacklist is not to implement a naming policy
> > beyond obvious clashes. I.e., I think we should not add sarkozysux/rox or
> > stuff like that, because this is a never ending task.  
> > 
> > And for obvious reasons I prefer to keep the list as small as possible
> > for a start ( and so only for things that are in practice used ),
> > and later let it grow.
> 
> Well, I'm not sure what benefit such a partial list would have?
> 
> I mean, don't all email aliases require some approval anyway? So that we
> could simply refuse ambiguous addresses on a case-by-case basis.

Let's imagine how it would go:

Some person registers on the forum, so it uses catdap, with the name
apache. apache is blocked right now, but imagine it is not. It works
fine, he uses his real name on the forum, and while apache may be
suspicious to a moderator, that would not be so weird. He also posts on
bugzilla, etc.

Later, this person becomes active on the design team. She subscribes to the
ml using her email, and after lots of work, she becomes a peer in the
group, and so the design team grants an email alias as well as access to
some services ( let's imagine we also offer web space for sharing
design ). 

First issue: this person receives lots of spam, because apache@ is
a well-known, often-tried email address. Annoying, but nothing weird. 

Second issue: the permissions are messed up on the web host. Slightly
more annoying. Write access to everything where only the webserver
should have it, etc.

Becoming a peer will either be handled by sysadmins, or be delegated ( I
speak of the technical change, not the decision to do it, which would be
delegated ). 
If we choose delegation, either the design team is also fully aware
of the infrastructure and warns the sysadmins, or they are not and just do it.
While I have no doubt our design team is gifted, I doubt they will be
gifted enough to detect something wrong.

If we choose the migration by a sysadmin, the sysadmin will likely see
something weird, and react. But this shows 2 problems:
- sysadmins will become a bottleneck, and that's bad.
 
- what to do to react?

Changing a login can be done in ldap without too much trouble. 
But then the login is out of sync on the rest of the software
( bugzilla, forum, etc ), with all the fun of a manual migration ( ie
sql queries on the production database ). As we agreed for practical reasons to
have an immutable login unless we can avoid it ( see the whole thread
starting at
https://www.mageia.org/pipermail/mageia-sysadm/2010-November/000897.html ),
the whole system is engineered around this ( not that we engineered
much, as most software on the planet is based on this assumption ).


No alternative seems appealing to me. So trying to reduce such work 


> Related thing I wonder is if we should enforce an email alias format
> (like firstname.lastname@ or somesuch) or not.

It should be $login@ as the login is guaranteed to be unique, while
firstname.lastname is not unique ( search for michael scherer opensuse to
see ), and can change ( people who marry, etc etc ). 
Not to mention that not everybody wants to use their real name for
contributing ( and I have at least 3 examples from the current ldap
directory ).

-- 
Michael Scherer
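As an added illustration of the registration-time check discussed in this thread (example code, not part of the mail or of Mageia's catdap), the function below refuses a proposed login if it is one of the role names listed above, one of the well-known mailbox names from RFC 2142, or the name of a local account in a passwd file, the point being that since the alias is $login@ and logins are immutable, the clash has to be caught before the account exists. The passwd excerpt and the login syntax rule are constructed assumptions.

```python
import re

# Role aliases proposed in the thread (the thread's list, not a final policy).
RESERVED_ROLE_LOGINS = {"contact", "press", "president", "secretary",
                        "treasurer", "security"}

# Well-known mailbox names from RFC 2142; a $login@ alias would shadow them.
RFC2142_MAILBOXES = {"postmaster", "hostmaster", "webmaster", "abuse", "noc",
                     "security", "info", "marketing", "sales", "support",
                     "usenet", "news", "www", "uucp", "ftp"}

# Constructed passwd(5) excerpt standing in for /etc/passwd on a web host.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
apache:x:48:48:Apache:/var/www:/sbin/nologin
ldap:x:55:55:LDAP User:/var/lib/ldap:/bin/false
misc:x:1000:1000:Michael Scherer:/home/misc:/bin/bash
"""

# Assumed login syntax: lowercase, 2-32 chars, safe as an e-mail local part.
LOGIN_RE = re.compile(r"^[a-z][a-z0-9_-]{1,31}$")


def system_accounts(passwd_text):
    """Return the set of account names found in passwd(5)-formatted text."""
    return {line.split(":", 1)[0]
            for line in passwd_text.splitlines()
            if line and not line.startswith("#")}


def check_login(login, passwd_text=SAMPLE_PASSWD):
    """Return None if the login may be registered, else the reason to refuse it."""
    name = login.strip()
    if not LOGIN_RE.match(name):
        return "invalid syntax"
    if name in RESERVED_ROLE_LOGINS:
        return "reserved role alias"
    if name in RFC2142_MAILBOXES:
        return "well-known mailbox (RFC 2142)"
    if name in system_accounts(passwd_text):
        return "clashes with a system account"
    return None


if __name__ == "__main__":
    for candidate in ("apache", "press", "postmaster", "Anssi", "anssi"):
        print(candidate, "->", check_login(candidate) or "ok")
```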
