Two FAS accounts for the same person - permitted?

Seth Vidal skvidal at fedoraproject.org
Tue Feb 2 16:50:02 UTC 2010 


On Tue, 2 Feb 2010, Juha Tuomala wrote:

>> Out of curiosity is your point to be antagonistic or are you actually trying
>> to improve things?
>
> If cleaning false assumptions and admitting that some areas are real
> problems - is improving, that's what I'm doing.

You don't appear to be doing that. You seem to just be attempting the 
'gadfly' method of helping matters. I'd like you to remember what 
result that achieved for Socrates.


>> If it is just the former then you are welcome to NOT be involved.
>
> And pulling out the welcomness from this particular identity is
> actually the only thing that can be done - considering the context ;)

Just having an account doesn't mean you have access to anything or are 
trusted. It only means you have an account. You have to maliciously want 
to lie and do harm.


> What I see is only possible way to do that is some kind of
> sertificate thing that would require global network of trusted
> fedora people (like already met in meetings) able to sign those
> fedora contributor certificates after checking the id documents
> first (against ban lists).

Those work only to limit access. And even then it just turns into a clique 
or a cabal-driven exercise.


> There are around 200 countries and some have quite long distances,
> requiring to meet people face to face doesn't really sound very
> feasible. Not being feasible doesn't remove the problem however.

No - but it makes you question your goals and priorities.

Our goals are openness and productivity. We do our due dilligence on 
security and I think we


> Easier would be to write red warning into wiki that "We actually
> don't know who took part of building fedora, so consider yourself
> warned."

You mean like all open source/free software? Great. I'd like to invite you 
again to not be involved if this is your belief about the whole system.

Or if you'd like to point out a linux distribution that doesn't have the 
above problem, I'm all ears.

> Didn't someone just crack berlios site to inject something into
> projects? In fedora you don't even need to crack anything, you get
> invited to commit.

And they didn't crack berlios by being involved and tricking their way in. 
The cracked berlios b/c of poor system maintenance.

If the only way to make something safe is to shut it down entirely then 
there's not much point in having it at all.

You should not cut off your nose to spite your face.

-sv

More information about the devel mailing list