/etc/crontab 10,40 * * * * root /etc/elections/election-stats-count we should reduce the number of root scripts in cron. The voting can work with a special user foo, who can read the ballots in a write only folder for example. Or by means of the helios system. Or every user has a folder ~/ballots, which can be read by foo. Reproducible: Always
(In reply to Jonas Stein from comment #0) > /etc/crontab > 10,40 * * * * root /etc/elections/election-stats-count This script only counts how many ballots are present on dev.gentoo.org, it doesn't do anything else. > we should reduce the number of root scripts in cron. > The voting can work with a special user foo, who can read the ballots in a > write only folder for example. Or by means of the helios system. Or every > user has a folder ~/ballots, which can be read by foo. I agree with the goal of reducing root scripts, but unless we switch to devotee or some other system, it isn't just a matter of using a special user for the elections cripts, including countify that collects the ballots and creates the master ballot file on the officers home dir.
(adding elections to CC as this is about elections) I pressed enter too soon in the previous comment. I meant to add that we can't ensure all home directories on dev.gentoo.org allow others to traverse them. To reduce the security exposure as well as to increase privacy on voting, we really need to look into devotee[1] (as was proposed a few times over the years) [1] - https://www.debian.org/vote/
As someone who actually used devotee on top of Gentoo data, I would like to point out that it's a horrible solution that's a. not really maintained, b. requires fixes to even work with current Perl, c. has unreadable code, and d. has some extra bugs which make it simply crash or give no results with some of our elections.
