As one of the people with the ability to edit the Front Door Magnetic Card
Access System, I have a few questions for everyone to think about:
What are our requirements for information kept on each card? This
information is only available to people like myself with root access on
the door control computer.
I was going on the assumption that, for each card able to open the door,
we should store the following information:
1. the name or nym identifying the person who will be using the card
2. a way to contact that person (phone number or email)
3. at least one affiliation with a member collective (sudo, CCL, BAPS etc)
I have been seeing cards getting added to the records without #2 and #3
and I wonder if we, as Omni, thing this is a sustainable policy.
Also, I don't know how many people have access to the door control
computer, and access is presently anonymous. Is this something that
should be more curated? We have a mailing list access(a)lists.sudoroom.org
but I never get any responses from anyone on the list.
thanks for your thoughts on this.
-jake
someone keeps adding people to the door access anonymously,
and without listing which collective they're a part of. For example:
# Josiah Zayner - josiah.zayner(a)gmail.com | added on Sun Jan 17 2016 14:40:40 GMT-0800 (PST)
also, I think we should change the access permission to the omnidoor to
specific users, instead of just letting everyone login as root.
also, i think everyone who can edit the door access system should be on
the access mailinglist.
what say you?
-jake
On Wed, Jan 20, 2016 at 7:23 PM, Jake <jake(a)spaz.org> wrote:
> also, I think we should change the access permission to the omnidoor to
> specific users, instead of just letting everyone login as root.
>
> also, i think everyone who can edit the door access system should be on the
> access mailinglist.
Those seem like no-brainers and if I had set up the system I would
have enforced those rules from the beginning without asking first. :)
On Wed, Jan 20, 2016 at 7:25 PM, yar <yardenack(a)gmail.com> wrote:
> Those seem like no-brainers and if I had set up the system I would
> have enforced those rules from the beginning without asking first. :)
fwiw, when you gave me root access, the first thing I did was give
myself my own account, because root logins are not just absurdly
insecure, but it means you have to interact with other peoples' shared
settings and bullshit.