[fab] Fedora Project and Hosting
Warren Togami
wtogami at redhat.com
Fri Oct 20 16:59:02 UTC 2006
Jesse Keating wrote:
> On Friday 20 October 2006 10:58, Warren Togami wrote:
>>> What prevents somebody from creating a project and checking in sources
>>> that are highly illegal?
>> CLA and some group membership that requires sponsorship would be more
>> than sufficient to guard against this. cvsextras would be a good
>> starting point.
>
> Which certainly sounds like "bureaucratic hassles or delays" to me. First a
> user has to get a CLA, then somebody has to sponsor them to be added into a
> group, and wait for propagation.
>
> My point being that we can't have any sort of self protection without
> bureaucratic processes.
Existing trusted users (who are quite numerous and membership expands at
a good rate) would have free reign without bureaucratic overhead to
create projects and repositories. They could grant commit access to
others, and be responsible for content in repositories that they own.
I see this as a good balance that both allows flexibility of developers
to do what they want, with an effective amount of risk mitigation.
Warren Togami
wtogami at redhat.com
More information about the advisory-board
mailing list