UCCminutes 990727 === [YAK] = Ian McKeller [yakk] [NTU] = Nick Bannon [nick] [DJL] = David Luyer [luyer] [MEL] = Melissa Challenor [melissa] [NRR] = Nick Rohrlach [bers] [MJH] = Mikolaj Habryn [dichro] [TAM] = Tamara Fehlberg [star] [SAM] = Sam Bentink [pol] [DTA] = Leighton Haynes [dayta] [MTL] = Mark Tearle [mtearle] [MST] = Anil Sharma [maset] [CMG] = Christopher Grubb [maelstrm] [ANT] = Anita Mathers [shuruga] [CHR] = Christopher Allen [callen] [BEN] = Ben Rampling [ben] [SAF] = Simon Fryer [fryers] [ECF] = John West [john] === Committee Present: [YAK] [NTU] [DJL] [MEL] [NRR] [MJH] Committee Absent: [TAM] Committee Apologies: [SAM] Others Present: [DTA] [MTL] [MST] [CMG] [ANT] [CHR] [BEN] === Meeting opened 17:15pm. President's Report: We had a fucking excellent 25th. Thanks mostly to Mel. Vice-President's Report: Brain is fried. 25th was good, thanks to everyone who helped. UCC camp is approaching, as is some UniSFA thing. First 3 days of the break - at Dwellingup - near Ben's place. 20th - 24th September. Nice new campsite. Mel is making a lemon meringue pie for everyone for the camp. Treasurer's Report: $300 from vending machine, but it is running out occasionally. $430 from cash box (includes some 25ths). No cheque from iiNet yet. Door takings including most of auction takings, $2223. Banked just under $3000. Overall balance around $6500 but Rydges not paid yet ($4000, $500 already paid as deposit so $3500 to go, also up to $1000 to come in still). Correspondance: We got some propoganda from PAC. Machine reports: Money should do something. [MST] reports that he knows shit. General business: UCC owns a gazebo (from members). [MTL] has it. [NTU] and Alistair want money for food purchases, etc, but Alistair still hasn't brought in a receipt. [MEL] wants to go to FAL to get better chocolates. Everyone laughs at [MEL] and [NTU]'s bickering. Programming competition. [YAK] says he's organising stuff. [MEL] says he isn't. [YAK] still claims he is. [MEL] sat next to Phil Veltman in her exam today. [no comment] [SAF] arrives. We still need to buy locks, cables, etc. [YAK] will get them. So we can blame him for not doing it. [MST] suggests people should kick the door to check if it's shut properly. [NRR] comments about kicking doors in general, and suggests they might be damaged. [MEL] stares at [NRR]. [YAK] asks that account locking information is sent to all doorgroup members. 3 for. 3 abstained. 2 absent. Suggested that if it is sensitive then we should send to door and wheel. 3 for, 3 abstained. Committee-only and wheel. 2 for, 4 abstained. [NTU] - democracy sucks. [YAK] - democracy is crap. [YAK] - form a subcommittee. [DTA] - form a subcommittee to form a subcommittee. To be discussed on mailing lists and to be discussed at the next committee meeting. [ECF] arrives. [MEL] repeats many times "committee are the elected representives of the club". [YAK] argues the point again. [NTU] and [YAK] argue, [YAK] believes that too many people are in door. [YAK] suggests we can make door smaller. [MEL] wants to have a general meeting to formalize wheel group. Much more debate. [YAK] moves that committee members, wheel and door are automatically sent messages that accounts have been are locked. Passed unanimously. (note: this motion didn't ask that the reason for locking be sent out, so there will probably be future debate. but enough for now.) [YAK] introduces the "ball", nobody can speak without the ball. [YAK] passes the ball to [MST]. [MST]'s account locking. [MST] permitted someone to use the root account on scarlet. [MST] couldn't get a WinTerm up on scarlet so he logged in as root. He then let someone else use this account. He was originally standing behind him. He then left a door group member to watch the person to make sure they didn't abuse root access. The person using the root account wasn't a member at the time (but is now). [NTU] points out that we now have 2 members as a result of this, which is a minor positive (because of the spellcast game). [MJH] suggests [MST] really fucked up but it has been blown completely out of proportion. [ECF] points out wheel is serious. Root accounts are very serious. The people involved should take it more seriously. [MTL] suggests [MST] just stuffed up and didn't know what was expected of him. [MEL] suggests that the club is missing policy and procedure and wheel should be formalized so wheel know what their rights and responsibilities are. [YAK] believes wheel should not be in the constitution as the nature of the club changes over time and wheel has only existed for 8 years and may disappear over time. Everyone has done things wrong over time. [MTL] thinks the UCC constitution needs work as it is very vague. [NTU] believes it is good that the constitution is vague as it can't change fast enough to deal with real life. A club governed by rules and policies wouldn't get anywhere. [MST] admitted he had done things wrong but was pissed off about the root password being changed to prevent him logging in as root while his account was locked. [MEL] points out [MST] has done the wrong thing and should stop trying to defend himself. [PGW] suggests even though the wheel group is only "new" there can still be rules and regulations. He believes changing the wheel password was not a good idea. Also complains that he doesn't know the new password. [MJH] states many decisions are made on the spot and we should trust people not to repeat mistakes. We will always make mistakes. There should be a better awareness of security issues amongst wheel. [NTU] believes we need policies but not specific rules as once there are too many you can't know them all and can't be specific about their use. [YAK] thinks wheel did the wrong thing for the right reason. It was completely wrong but he was trying to help members. [MTL] tries to pass the ball to [DJL]. [DJL] passes the ball on to [MEL] without commenting. [MEL] thinks that Grahame shouldn't be in wheel as he is naieve and doesn't understand the full responsibility of being in wheel and that wheel should consider new members more carefully. [YAK] states that it is good to have given more responsibility to Grahame and that it can only have positive results for Grahame and the club. [MST] states that his account locking has resulted in Grahame being scared of doing anything and he has been very careful. [DTA] states that Grahame has asked him before doing anything as root. [YAK] comments that Grahame managed to install zsh on scarlet, which the "competent" wheel members failed to do. [DJL] explains the [DTA]'s not being told the root password (relating to letting [MST] use spellcast displaying on Mac X server running in [DTA]'s account). [DTA] thinks that the way that spellcast works is not a problem. [MST] comments that he was punshed by playing spellcast on the Mac which only has one mouse button. [ECF] thinks fixing the game should be a project for Grahame. [DTA] says the UCC machines are easily hackable anyway. [MST] comments about account sharing and says he thinks the only problem is people leaving the running spellcast for other people to use and not logging out. [BEN] states that people are logging in for other people to play spellcast to start with. [DJL] comments sharing X authentication is very bad, and xhost is very very bad and absolutely trivial to exploit, with very widely available examples (not just key sniffing which is utterly trivial, but much more evil things). [NTU] comments about using VNC or something else to fix the problem. (after meeting comment by [DJL] - maybe we need to set up some magic scripts with xnest and a chroot environment for this horrible game given the comments on the shocking code quality and the apalling security model.) [YAK] states that the game is set up to run in a particular way and we should let it run that way. [MJH] states that whoever starts spellcast should point out that they are giving complete control of their xterm and account to the person running spellcast. [PGW] points out that if spellcast is written badly then people should re-write it. [MST] suggests spellcast is a fad and will pass. [YAK] closes the meeting. [MST] and [DTA] given the new root passwords. No decision made about spellcast. Meeting closed 19:45pm