[Sysadmin] Re: [steering] DNS, part 2.

[Martin]

On Fri, 25 Apr 2003, John Handelaar wrote:

> We managed to retrieve the NetSol account details
> again and I've reversed the changes.

Great - thankyou!

> I have also, *pending further decision-making in
> the appropriate fora*, changed the password on the
> account in order to prevent further unauthorised
> screwing around,

The right thing to do I think.

Further decision-making being (imo), DNS pw and tech contact should be
with whoever SysAdmin agree on, with the outcome that it's a small, but
>1[1], number of people.

> and assigned the 'Administrative Contact' record to myself.

Fair enough in the circs. Should end up being Elfur though, I think.


> *Exceedingly* angry about this.  I want iron-clad
> guarantees that this will NOT be permitted to
> happen again - rightfuckingnow.

If the right ppl (ie not going to screw up through accident or design[2])
have the pw for the right reasons (ie because evolt.org has given it to
them), and no-one else, I can't see it happening again. If it does, then
whoever's responsible shouldn't have the pw.

Normal security, done right, in other words.

Cheers
Martin
[1] For 'going under a bus' reasons
[2] I'm probably disqualified on the 'by accident' criterion

-- 
"Names, once they are in common use, quickly
 become mere sounds, their etymology being
 buried, like so many of the earth's marvels,
 beneath the dust of habit." - Salman Rushdie