[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #5260 [Company]: Make ldap account for marlowe

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #5260 [Company]: Make ldap account for marlowe
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Wed, 29 Feb 2012 08:01:22 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 29 Feb 2012 03:01:37 -0500
In-reply-to: <047.e03bb2a04f6680f75b5e1abb5cae3e8e@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.e03bb2a04f6680f75b5e1abb5cae3e8e@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#5260: Make ldap account for marlowe
---------------------+------------------------------------------------------
 Reporter:  marlowe  |          Owner:  weasel
     Type:  task     |         Status:  new   
 Priority:  normal   |      Milestone:        
Component:  Company  |        Version:        
 Keywords:           |         Parent:        
   Points:           |   Actualpoints:        
---------------------+------------------------------------------------------

Comment(by mikeperry):

 arma must be testing if I'm watching the bugs list... I do have concerns
 about giving ldap accounts to every random person, but requiring that some
 random friend of a friend meet them in person is not the right bar, imo..

 What is the concern here? What risks do we incur by giving an owner of a
 gpg key some level of access to our infrastructure? How many of these
 risks still exist if we simply make sure that the owner of this gpg key is
 actually the same person who volunteered to make rpms for us?

 I'm not saying there is no risk... I'm just wondering what problems we're
 trying to solve by requiring an arbitrary person to meet someone else in
 person.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5260#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #5260 [Company]: Make ldap account for marlowe
  - From: Tor Bug Tracker & Wiki

Prev by Author: [tor-bugs] #5268 [Translations]: Update translation instructions for TorCheck
Next by Author: Re: [tor-bugs] #5207 [Ooni]: ooni-probe should only set UseMicrodescriptors 0 if Tor understands that option
Previous by thread: Re: [tor-bugs] #5260 [Company]: Make ldap account for marlowe
Next by thread: [tor-bugs] #5261 [Tor bundles/installation]: TBB for Linux tries to talk to an X session manager
Index(es):
- Author
- Thread