[cfarm-users] privacy

Jonathan Wakely jwakely.gcc at gmail.com
Sun Apr 14 21:45:26 CEST 2024 

On Sun, 14 Apr 2024, 14:05 Bruno Haible, <bruno at clisp.org> wrote:
>
> Jonathan Wakely wrote:
> > > It would not be straightforward to track all SSH access on the farm, both
> > > for privacy reasons and technical reasons (the farm has very diverse
> > > systems, and some people run jobs via cron).
> >
> > What are the privacy reasons?
> >
> > It's a free, public service offered to the community, why should users have
> > any expectation of being able to use it in secret?
> >
> > If you don't want the cfarm admins to be aware of whether or not you are
> > using the service, you should pay for your own access to another service.
>
> While the principles of handling personal information (limiting the purposes,
> minimizing the data, ...) [1] are legally binding only in the EU, they are
> good guidelines for helping ensure privacy all over the world.
>
> If the compilefarm were to track all SSH access on the farm, taking
> correlations on the data would, for example:
>   - reveal whether the accesses are within or outside regular business hours,
>   - reveal if two persons have nearly the same login/logout times and thus
>     allow conjectures about their relationship.
>
> The stated purpose in this thread is to detect "long-dormant users".
> Tracking all SSH accesses would produce more data than needed for the
> purpose — which goes against the principle of data minimization.


There no need for "tracking all ssh access" (that was just what
Baptiste said). It would be enough to just keep a record of whether a
user has logged in at all in the past 6 months, with a resolution of a
day if you're concerned about recording the hours anybody uses. I'm
sure the system logs already show when somebody logs in, so the
information you're concerned about already exists.

[jwakely at gcc2-power8 ~]$ /usr/bin/last | grep haible
haible   pts/0        176.199.253.237  Fri Apr  5 13:36 - 13:36  (00:00)

Is this a problem?


>
> Other approaches (such as getting the 'atime' of the ~user/.ssh/* files
> once a year) would produce less data. But it was not what was discussed
> in the sourceware.org thread and replied-to by Baptiste.
>
> Bruno
>
> [1] https://en.wikipedia.org/wiki/General_Data_Protection_Regulation#Principles_and_lawful_purposes
>
>
>

More information about the cfarm-users mailing list