On Mon, Oct 19, 2020 at 04:44:34PM +0000, Mattia Verga wrote:
A little off topic, but Noggin related: I've just (re)created my
account
on Noggin, since real accounts have not been ported yet, but I'm a bit
concerned with this.
Suppose someone move up and would have created an account in Noggin
using my username, but using his data... does that mean that they would
have access to staging resources my account has access to?
yep.
And what about accounts for "VIPs" here that have wide
access to the
staging infrastructure?
Yes, and no.
I agree it's a concern, and we probibly should disable new accounts in
it for now, but it's not a great concern as there's currently no non
root ssh access to stg, so no one would get that. They could get access
to some apps, but we often sync from prod over staging and anything they
do would just be wiped out.
But yeah, I think if the fas sync is going to take a bit, perhaps we
should disable the new account creation for now.
kevin