[Labs-l] Considering restriction of project membership to sysadmin role

[Petr Bena]

I have a bit negative reaction :) I am not any admin of labs and I had
to add about 4 people to bastion already including Reedy otherwise
they wouldn't have access at all. If you do this are you going to
watch the request page more carefully? The access to project with no
access to bastion is of no use

On Mon, Apr 2, 2012 at 10:27 PM, Ryan Lane <rlane32 at gmail.com> wrote:
> I'm considering a change to project membership and would like to seek opinions:
>
> Currently, any member of a project can add or remove another member.
> This enables a more collaborative environment, but also makes things a
> little insecure. Eventually, we'd like to open registration of
> labsconsole to allow anyone to have an account. By default people will
> only have rights to edit the wiki. However, if they were added to a
> project then they'd also have shell access inside of labs. We've been
> mostly limiting labs access via the bastion project. Right now it's
> possible for anyone to add/remove people in that project if they are a
> member. We track this via recent changes, and can remove/readd people
> at will.
>
> By limiting this access to the sysadmin role, we can limit project
> membership to those responsible for the systems inside of the project.
> This will introduce a higher burden on sysadmin users, though.
>
> Unless I get fairly negative reaction on this change, I plan on
> pushing it out soonish. Thoughts?
>
> - Ryan
>
> _______________________________________________
> Labs-l mailing list
> Labs-l at lists.wikimedia.org
> https://lists.wikimedia.org/mailman/listinfo/labs-l