Editors for the new website
Jason Rogers
jacaetevha at gmail.com
Tue Oct 4 21:15:19 UTC 2005
Aha. That was enough of a chastisement!! Thanks Ken.
I will do as you suggest
On 10/4/05, Ken Causey <ken at kencausey.com> wrote:
> On Tue, 2005-10-04 at 16:18 -0400, Jason Rogers wrote:
> > Hello all. I am excited by the amount of enthusiasm I see in the
> > community about the new site. Thanks.
> >
> > There have been several inquiries about how to become an editor to the
> > new site. We don't currently have a well-defined process to add new
> > editors, but we will do our best to put our minds together and figure
> > out what that should be.
> >
> > Currently you can just send a request to the website team list or dev
> > list. Please let us know what you would like for your username. If
> > we "have an opening" for a new editor a password will be assigned to
> > you. However, for security reasons we would like to not send this
> > information through standard email. What I have done in the past is
> > to put the login information on Box2 in the website user's home
> > directory. I will ask you for an SSH key and add it to the website
> > user's authorized_keys file on Box2. At that point you will be able
> > to SCP the file down (or just SSH in to the box and read the file) to
> > get your password.
>
> Please do not do this. This is not a good idea as you are giving these
> people access to the server and this must not be done without going
> through the Box Admins team.
>
> > I realize that is not an optimal process, but I don't think adding
> > editors ought to be that optimal. It's just opens the site up to
> > industrious hackers by sniffing emails.
>
> I think you are being far far too paranoid here. Many websites send
> passwords by email. As long as the email is sent directly to the
> recipient and the information being secured is not too sensitive then
> there is no problem.
>
> > If you think I am being too paranoid feel free to chastise me. If I
> > am chastened enough perhaps I will change the process. Likewise, if
> > you have a better idea how to add editors securely let me know.
> >
> > --
> > Jason Rogers
>
> Consider yourself chastised. Send the password in a personal email
> directly to the recipient and the chance of their being a problem is so
> remotely low as to be insignificant. You keep backups right?
>
> Ken
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.1 (GNU/Linux)
>
> iD8DBQBDQuv+//qOUj3eKgMRAht3AJ414TA9DCtKDITeiD8STf2f9zj6HwCfUoKj
> f5Y0N6M4C9DEGZci8lm20dk=
> =ozVT
> -----END PGP SIGNATURE-----
>
>
>
--
Jason Rogers
"I am crucified with Christ: nevertheless I live; yet not I,
but Christ liveth in me: and the life which I now live in
the flesh I live by the faith of the Son of God, who loved
me, and gave himself for me."
Galatians 2:20
More information about the Squeak-dev
mailing list
|