On Thu, 2005-07-28 at 16:20, Guido van Rossum wrote:
I hope we're correctly estimating the effort required to manage the server and the users.
Yah, me too! ;) We are building some experience with this though, having moved many of the system files, and all of the web pages, to svn. So far, the management overhead has been almost nil (um, None :). We'll have a bit of ongoing work to add users, but the infrastructure team is also building up some community knowledge about how to do that.
Managing users is especially important -- if a user is compromised (as has happened in the past for python.org users) the whole repository is compromised. Now this could happen to SF users too, but I'm not sure that we know all the tricks in the book to prevent attacks; SF has been doing this for years and that's an aspect of SF that I trust (I think I've heard that they have even modified their SSH server to be stricter).
James has a very interesting idea for mitigating this. Presumably <heh>, we'll have backups of everything. I'll feel better when we have coverage from maybe 6 admins spanning as many timezones as possible. -Barry