Julian Andres Klode <j...@debian.org> wrote on 25/03/2025 at 22:10:25+0100:
> On Tue, Mar 25, 2025 at 03:53:24PM -0500, Richard Laager wrote: >> On 2025-03-25 12:06, G. Branden Robinson wrote: >> > 2. Will you articulate a policy that no Debian Developer shall occupy >> > more than one delegated role at a time? >> > >> > 3. Will you ask any Debian Developers enjoying multiple delegations to >> > resign from all but one of their choice? >> >> I have some concerns about this. >> >> It seems like this could just lead to broader delegations. For example, >> instead of having "General Team" with A, B, C, D, & E, and "Specific Team" >> with A, B, and C, just drop the "Specific Team". For a partially made-up >> example, imagine we had system administrators and then separate sub-teams >> for different subsets (e.g. web sysadmins, email sysadmins). Forcing an >> "only one delegation" rule here doesn't help anything, as the DPL would just >> eliminate the sub-teams in favor of one overall team. Where the subteams are >> used to limit access, this change would thus violate the Principle of Least >> Privilege. >> >> Additionally, the fact that people are wearing multiple hats probably >> indicates that was necessary to get the job done. There are 142 >> person-delegations to 103 persons. [1] Losing the duplicates seems like it >> would negatively impact the available volunteer time. >> >> [1] https://www.debian.org/intro/organization > > It's also quite frankly silly in a whole lot of cases: This whole thread is silly IMHO. -- PEB
signature.asc
Description: PGP signature
