[hackerspaces] Abuse Of Power

Sat Apr 13 18:02:46 CEST 2013

/popcorn.gif

On Sat, Apr 13, 2013 at 8:56 AM, astera <astera at hackerspaces.org> wrote:

> Dear Paul,
>
> I got a couple alerts while I was at a conference in Amsterdam, and
> two emails about broken parts, and after taking a look and seeing
> someone unknown access my server and have root privs as I got back, I
> sent an email to the tech@ mailing list and removed sudoers access
> until I got a statement from fh. His account's access was restored
> within minutes after his reply. As I would like to know who gives
> access to whom on my servers, I would've very much hoped to get
> informed by you about this previously, personally or via the tech@
> mailinglist - because that's what it's there for. No, I do not rejoice
> in alerts while I'm away that leave me clueless about why they were
> generated, as I'm sure you would not, either.
>
> On Sat, Apr 13, 2013 at 5:32 PM, Paul Bohm <bohmps at gmail.com> wrote:
> > While we're almost done with this, the site got spammed heavily again.
> Flo
> > asked me if he could step in, and I said - well, the site is being
> spammed.
> > He fixed it
>
> Well, actually no. I tried something else today as the StopForumSpam
> integration doesn't work any more, and we'll see how that goes.
>
> > and also deployed the fixes that will make pagination work again
>
> Which I am more than thankful for, and that's also what I wrote to fh.
>
> > but she seems to have gotten
> > angry at FH and removed his and my access. At some point she said "you
> have
> > access again, enki not".
>
> Enki, you have access, as does fh, but until you learn to use the
> tech@ mailing list to at least have the gracefulness to let me know
> that you've asked someone else to fix something and give him root, I
> do not see how I can trust you with such privileges.
>
> > This isn't the first such story I've heard. Eric Michaud (who wrote a
> > sizable up to half of the stories at (http://blog.hackerspaces.org/)
> also
> > told me she removed his access much earlier for power struggle reasons.
> > (Eric is in cc)
>
> I have never before deliberately removed someone from sudoers. We
> have, however, migrated the wiki twice and home directories weren't
> always fully restored on new servers. As with every other bug that's
> brought to the tech@ mailinglist's attention, an email from Eric
> explaining he needs access would've sufficed.
>
> > it's not cool to sabotage others who actually do the
> > work, when you've let the site languish for years.
>
> I am not sabotaging anything. Without going down the same accusational
> path you have, I'd like to point out that letting something languish
> does not involve caring for the hardware, backups, fixing small bugs,
> or helping people with questions or access to data for their projects.
>
> > Sorry to put the laundry out in the open, but this just isn't a way to
> deal
> > with people.
>
> Exactly.
>
> Hack on,
> /astera
>
> PS: I will not spam the lists included in /cc any further by replying
> to this thread.
> _______________________________________________
> Discuss mailing list
> Discuss at lists.hackerspaces.org
> http://lists.hackerspaces.org/mailman/listinfo/discuss
>

-- 
Sean Bonner
homebase <http://seanbonner.com> | twitter <http://twitter.com/seanbonner> |
G+ <https://plus.google.com/101629211371073711149/posts> |
SAFECAST<http://safecast.org>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.hackerspaces.org/pipermail/discuss/attachments/20130413/0be94141/attachment.html>