[WikiEN-l] new CheckUser proposal up

[David Gerard]

Anthony DiPierro wrote:
>On 10/13/05, David Gerard <dgerard at gmail.com> wrote:

>> * Remember that a small number of the developers (those who have
>> access to the database) already have this power and use it. They
>> control the horizontal, they control the vertical, they see all and
>> know all — because they have to have complete control in order to
>> administer a top-50 website. But they respect the privacy policy,
>> because that's what you do as a sysadmin. The proposal is to extend
>> access to just one power, so as to avoid a bottleneck of too few
>> people for the job.

> Do you really think there are people at other top-50 websites with unlogged
>and unfettered access to this sort of information?
> If so, do you think they had to go through any background checks, and sign
>a non-disclosure agreement?
> It certainly *is* possible to set up a system so that *no single person*
>can "see all and know all". I would hope all the other top-50 websites have
>set up such a system.


You can either try to Taylorise the process of trusting people, or you
can get in people you trust. Sysadmins *could* do any destructive
thing they want. But they pretty much *don't*. I wonder why that is.

Usually it works that the sysadmins have the access they need to keep
stuff working. Around here, where all day every day is a "WTF?!"
moment, the present process seems to work. I'm sure you can outline
many reasons why the present way of doing things is utterly broken and
can't possibly work in theory, never mind that it does in practice.

You don't actually know much about systems administration in practice, do you?


- d.