Re: [Dfey-general-discuss] Bitfolk supporting DFEY

[Robert Leverington]

Hello,

On 2009-11-15, Tim Dobson wrote:
> At Oggcamp I gave a talk about engaging young people in technology,
> pretty much identical to the one I gave at WYLUG a few weeks ago[2].
> 
> Afterwards I was approached by Andy Smith from Bitfolk[3]. Some people
> here may be aware of the community VPS, dogfish.dfey.org which currently
> hosts our website and a number of other services.
> 
> Andy offered to allow DFEY to use the Dogfish VPS (maintaining the same
> spec) for free with a number of preconditions, none of which I see being
> a major issue:
> 
> * It is not used for commercial purposes
> * We take steps to ensure abuse doesn't originate from dogfish
> * We take steps to ensure that dogfish isn't compromised
> * We notify Bitfolk immediately if dogfish is compromised
> * If the machine causes him a lot of work (eg. is compromised more than
> once) then we will have to understand it is not viable for bitfolk to
> continue supporting us.
> 
> In return for the VPS, we will list them on our website as providing the
> VPS.

This is great news, I have updated the wiki and will update the website
tomorrow if no one else does so before (along with a number of other
adjustments to the website I proposed some time ago).

> If we ever need more hosting for special events etc we should negotiate
> with them.
> 
> Keeping the machine secure should not mean that people are tied down and
> unable to play around on it however it does mean we need to take a
> pro-active response to the security and administration of the machine.

At this point our attitude towards security is very good, regardless
there are couple of minor changes I am suggesting below.

I would like to propose implementing a firewall, with the intent of
prohibiting daemons from being run - at the moment any user is able to
run these on non-privileged ports.  This should not affect any normal
usage, and the rules could be adjusted on a case-by-case basis if
necessery.

> We already require ssh public key authentication to access dogfish. This
> is good. We need to continue to only allow access with keys.
> 
> We already have a proactive outlook on security updates with the
> sysadmin team being emailed when new updates are available and with them
> typically being installed promptly.
>
> We need to establish a policy towards accounts on the machine - give
> them out to people who we trust and have known for some time. Accounts
> need to be deactivated after a period once people lose touch and stop
> using them. I'm not sure exactly how people feel this should work put
> thoughts are more than welcome.

I think the best method would be to decide upon an arbitrary length of
time used in determining whether a member should have access.  They can
be given access after x amount of time of being active in the community
(mailing lists or IRC), and lose access after x amount of time of not
participating in these parts of the community.  My suggestion would be
two months.

Regarding root access, it makes sense to be a bit more strict about
this.  My proposal would be to remove roots after one month of
inactivity, and to give root access out on an as-required basis with the
majority consensus of all existing roots and a positive indication from
the rest of the community.  Where possible, more specific group-based
access should be used instead.

> We need to keep reliable written records of who has access to what and
> how to contact them.

Updated on the wiki.

> We need to regularly audit web applications installed on the machine for
> potential security issues and make sure everything is patched appropriately.

Updated on the wiki.

> Bitfolk have been very supportive of what we are setting out to do and
> I'm very pleased to announce this partnership.

++

> Feedback, thoughts and questions, as always, is welcome. :)

Regards,
-- 
Robert Leverington
http://rhl.me.uk/

signature.asc
Description: Digital signature