Not signed in (Sign In)

Not signed in

Want to take part in these discussions? Sign in if you have an account, or apply for one below

  • Sign in using OpenID

Site Tag Cloud

2-category 2-category-theory abelian-categories adjoint algebra algebraic algebraic-geometry algebraic-topology analysis analytic-geometry arithmetic arithmetic-geometry book bundles calculus categorical categories category category-theory chern-weil-theory cohesion cohesive-homotopy-type-theory cohomology colimits combinatorics complex complex-geometry computable-mathematics computer-science constructive cosmology deformation-theory descent diagrams differential differential-cohomology differential-equations differential-geometry digraphs duality elliptic-cohomology enriched fibration foundation foundations functional-analysis functor gauge-theory gebra geometric-quantization geometry graph graphs gravity grothendieck group group-theory harmonic-analysis higher higher-algebra higher-category-theory higher-differential-geometry higher-geometry higher-lie-theory higher-topos-theory homological homological-algebra homotopy homotopy-theory homotopy-type-theory index-theory integration integration-theory internal-categories k-theory lie-theory limits linear linear-algebra locale localization logic mathematics measure measure-theory modal modal-logic model model-category-theory monad monads monoidal monoidal-category-theory morphism motives motivic-cohomology nlab noncommutative noncommutative-geometry number-theory of operads operator operator-algebra order-theory pages pasting philosophy physics pro-object probability probability-theory quantization quantum quantum-field quantum-field-theory quantum-mechanics quantum-physics quantum-theory question representation representation-theory riemannian-geometry scheme schemes set set-theory sheaf simplicial space spin-geometry stable-homotopy-theory stack string string-theory superalgebra supergeometry svg symplectic-geometry synthetic-differential-geometry terminology theory topology topos topos-theory tqft type type-theory universal variational-calculus

Vanilla 1.1.10 is a product of Lussumo. More Information: Documentation, Community Support.

Welcome to nForum
If you want to take part in these discussions either sign in now (if you have an account), apply for one now (if you don't).
    • CommentRowNumber1.
    • CommentAuthorAndrew Stacey
    • CommentTimeNov 6th 2009

    There are various levels of access to the infrastructure of the n-lab and environs. I'd like to clear up who has access to these levels and who should have access to these levels.

    The levels are:

    1. Root access to the host server. Can do anything related to the data and infrastructure, can do anything related to the web server (such as redirects, blocks, make the entire n-lab disappear for anyone in the US, ...). Currently: Andrew Stacey
    2. User access to the instiki area on the server. Can do anything related to the data and instiki infrastructure. Currently: Andrew Stacey, Toby Bartels, Urs Schreiber, Jacques Distler
    3. User access to the maintenance area on the server. Can restart the instiki process and the web server. Currently Andrew Stacey, Toby Bartels, Urs Schreiber, Jacques Distler, Mike Shulman
    4. Web-side administration access to the instiki server. Can modify "webs": add, delete, rename, modify CSS, make private, public, or published. Currently: Urs Schreiber, Toby Bartels, Andrew Stacey, and ???
    5. User access. Can modify n-lab pages. Currently: Everyone except a couple of spammers.

    The purpose of the levels is not to create a hierarchy of status, but a hierarchy of "who to ask to get something done", a hierarchy of "who to blame when it all goes wrong", and to ensure a measure of safety against deliberate or accidental sabotage (accidental being by far the most likely).

    I've been careful not to say "n-lab" since anyone with high enough access can technically read any of the private webs - that's another reason for keeping these lists small, and public.

    On the other hand, we want to ensure that there is enough world-wide coverage that if the n-lab goes down, it can be brought back up again fairly quickly - this is what level 3 is for, and current experience seems to bear out that we have enough in this category (though I think that that says more about the current stability of the server than that one of that group is always awake and in front of their computer).

    Only levels 1,2,3 (access to the server) should be regarded as in any manner secure, though level 4 is probably secure enough on the principal of not being worth trying to hack.

    The system password will soon be changed so although level 4 is currently a bit fuzzy, it will be tightened up.

    This list will be transferred to an appropriate nlabmeta page once it is in a settled form.

    In the interests of full disclosure, the corresponding categories for the n-forum are:

    1. Administrator. Can do anything. Currently: Andrew Stacey (but only when logged in as the administrator)
    2. Moderator. Can do a few extra things designed to protect against spam when the administrator is on holiday. Currently: Toby Bartels.
    3. Member. Can access all areas of the n-forum. Currently: You lot.
    4. Guest. Can read most areas of the n-forum, can post in "Latest Changes". Currently: Everyone.
    • CommentRowNumber2.
    • CommentAuthorMike Shulman
    • CommentTimeNov 6th 2009

    An interesting thing to note, which I regard as a flaw in Instiki, is that (as I understand it) you need level 4 access in order to change attributes of any web, such as making it published/private or adding stylesheet hacks. I think this is probably part of the reason why level 4 is currently fuzzy -- it's easier to give the password to someone who wants to modify their private web than to have to do it yourself. It would be very nice if individuals could make such changes to their personal webs without having to know the "master password" that would allow them to do the same thing on other webs.

    • CommentRowNumber3.
    • CommentAuthorAndrew Stacey
    • CommentTimeNov 6th 2009

    I think you're right, but that needs to be sorted out upstream. I'm not sure I've seen it anywhere on the Instiki pages, either on the TODO list or the bugs, but I recommend checking there first. In the meantime, I think that it would be better to limit level 4 access as, I presume, these "tweaks" are generally few and far between. In my opinion, the dangers of having a large group of people knowing the system password outweigh the hassle of occasionally having to wait for a stylesheet change. But then I don't have a personal web so I don't know how often one wants to use these features so maybe I'm not the best judge.

    • CommentRowNumber4.
    • CommentAuthorTobyBartels
    • CommentTimeNov 6th 2009

    It would be nice if we make it clear up front, when me make the personal web, that some stylesheet hacks (such as query boxes) are optional and we'll have to put them in by hand if they're wanted.

    In fact, new proprietors of personal webs should probably be given these options up front:

    • query boxes and standout boxes, or not?
    • published, private, or open?
    • CommentRowNumber5.
    • CommentAuthorMike Shulman
    • CommentTimeNov 7th 2009

    In my opinion, the dangers of having a large group of people knowing the system password outweigh the hassle of occasionally having to wait for a stylesheet change.

    Oh, I agree. I was just pointing out one of the consequences of that policy, and a reason that it will require some discipline on the part of the level 4 people.

    In fact, new proprietors of personal webs should probably be given these options up front

    Absolutely.

    • CommentRowNumber6.
    • CommentAuthorEric
    • CommentTimeNov 7th 2009

    Speaking of which, is someone playing with the CSS? :)

    Everything switched to Roman fonts :)

    • CommentRowNumber7.
    • CommentAuthorUrs
    • CommentTimeNov 7th 2009
    This comment is invalid XHTML+MathML+SVG; displaying source. <div> <blockquote> is someone playing with the CSS? :) </blockquote> <p>dunno. But I am hoping somebody will find the time to implement some improvements on the general layout. I am still in favor of having a vertical blue bar running on the left of every page. That must be super-simple to code in CSS I suppose? Unfortunately, I have no clue about CSS:</p> </div>
    • CommentRowNumber8.
    • CommentAuthorTobyBartels
    • CommentTimeNov 7th 2009

    Yeah, the fonts look different to me, too, although I override them usually so I may be remembering wrong.

    • CommentRowNumber9.
    • CommentAuthorbwebster
    • CommentTimeNov 7th 2009

    It certainly would be nice if people could have a password that let them just change their own web. I probably won't want to make too many tweaks right now, but I think I tried every single color option (in part because I had the level 4 password).

    • CommentRowNumber10.
    • CommentAuthorEric
    • CommentTimeNov 7th 2009

    Someone definitely changed the CSS for the nLab somehow. Hopefully it gets back. I preferred the original look.

    • CommentRowNumber11.
    • CommentAuthorEric
    • CommentTimeNov 7th 2009

    Sorry for another comment, but is it just me? Do I have my own personal CSS somehow that got messed up or does everyone see the nLab font has changed. It is smaller and maybe even a different font altogether.

    • CommentRowNumber12.
    • CommentAuthorMike Shulman
    • CommentTimeNov 7th 2009

    I see it too. Now it's a serif font; it used to be sans serif.

    • CommentRowNumber13.
    • CommentAuthorTobyBartels
    • CommentTimeNov 8th 2009

    If the font changed for everybody at once, then that would mean that the main CSS file instiki.css changed. I'm pretty sure that you need at least access level 3 to do that.

    • CommentRowNumber14.
    • CommentAuthorEric
    • CommentTimeNov 8th 2009

    It seems to be fixed now. Phew :)

    • CommentRowNumber15.
    • CommentAuthorAndrew Stacey
    • CommentTimeNov 9th 2009

    You lot ought to subscribe to the Instiki RSS feed.

    Revision 466: Change body Font Back to Verdana

    Some CSS experiments crept into Revision 464. Revert them.

    • CommentRowNumber16.
    • CommentAuthorAndrew Stacey
    • CommentTimeNov 9th 2009

    By the way, the CSS discussion is fairly irrelevant to the issue of access and should have happened in the all-new Technical category.

    • CommentRowNumber17.
    • CommentAuthorEric
    • CommentTimeNov 9th 2009

    It is only relevant as far as I thought someone with "level 3" access changed something in instiki.css. I thought it might be an example of someone having too much access, i.e. I thought a human error led someone to change the whole nLab when they meant to change only their personal web.

    PS: Why do I feel like an electron-hole pair just "Hmph!"ed at me?

    PPS: I did not memorize what "level 3" access is and nor will I because it is below learning about how ants burrow through sand in my list of things I want to learn :)

    • CommentRowNumber18.
    • CommentAuthorAndrew Stacey
    • CommentTimeNov 9th 2009

    Sorry, I didn't mean to "Hmph!" anyone. I just wanted to be sure that the original point of this discussion, to clarify the levels of access, didn't get lost in the CSS. Nor do I particularly want anyone to memorise who has which access: once everyone's happy with it, then it'll get put somewhere on the nlabmeta and we can all forget about it until we need to know it. My comment should have said "Now that that's dealt with, let's get back to the levels-of-access discussion." I apologise for harumphing.

    Okay, now that's dealt with, let's get back to the levels-of-access discussion.

    • CommentRowNumber19.
    • CommentAuthorAndrew Stacey
    • CommentTimeNov 20th 2009

    I have changed the system password.

    I propose to merge levels 2 and 4 of access: namely, only someone with user access to the server should have admin access to the nlab. I think that at the moment, the n-group is small enough that there's no reason to distinguish between these roles. If anyone disagrees, though, I'm open to discussing it.

    For those who do have user level access, the instructions for getting the new password are in the help file that you get shown when you log in to mathforge.

    Although security on the n-lab itself is not very high, this password should not be emailed around and should only be written down in a secure place.

    (Incidentally, I know that this information is pointless for all but two other people, but if there's a change of personnel then I can see that it would be useful to have this information at least somewhere public. Also, there's a small chance that someone might spot something important that I've overlooked.)

    • CommentRowNumber20.
    • CommentAuthorTobyBartels
    • CommentTimeNov 21st 2009

    Well, you've just taken away the power to modify their personal webs' settings from several people, so they should at least all get a message inviting them to ask us to change their settings if they want them changed.

    • CommentRowNumber21.
    • CommentAuthorAndrew Stacey
    • CommentTimeNov 21st 2009

    Oh yeah. Err, so from now on anyone wanted to change the settings on their web needs to get someone with the password to do so for them. I hope that this isn't annoying for anyone. We can put it on the Instiki feature request page that webs have separate passwords for their settings.

    I guess I should email those that don't read this forum. I'll do that on Monday unless someone beats me to it (if they do, please CC at least me).