[tor-bugs] #27282 [Internal Services/Service - trac]: Remove trac admin permissions from inactive users
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Aug 23 20:26:37 UTC 2018
#27282: Remove trac admin permissions from inactive users
----------------------------------------------+--------------------------
Reporter: teor | Owner: teor
Type: task | Status: assigned
Priority: Medium | Milestone:
Component: Internal Services/Service - trac | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
----------------------------------------------+--------------------------
Comment (by qbi):
Replying to [ticket:27282 teor]:
> If someone hasn't logged in for 6 months, we remove all their
permissions.
https://trac.torproject.org/projects/tor/wiki/org/operations/services/trac
says that TRAC_ADMIN permissions will be removed. If this should be the
policy, I suggest also remove them from groups which contain TRAC_ADMIN as
a permission.
However the above sentence could also be understood in a way that those
users are downgraded to anonymous or authenticated users. It might also be
a good policy to downgrade them to authenticated users. So all other
special permissions which were collected over time get removed.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27282#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list