mtbentley
commented
8 years ago My current thoughts are something along the lines of:
No admin on any ACM run server or virtual machine will access
or modify your data except for when necessary for the technical
maintenance of the server or when legally required.
Any attempt to access another user's data, either by an admin or
a user, will result in loss of access to ACM servers and, if
appropriate, will be reported to relevant university authorities.This allows me (and other admins) to, for example, list users' files to find who's using too much disk space or access a VM to find who the owner is. It also requires us to report to the university if a user attempts to cheat by accessing another user's homework, research, etc.
thomasrussellmurphy
In a conversation with @matthewbentley, the note that the server admin effectively has access to all files on the ACM server while admins on the various VMs definitely have access to all files on the VM. This means that e.g. personal data, homework (in progress), privileged configuration information, and API keys could be accessed by an administrator, either via
sudoor by remounting the VM disk image in a separate environment.To discuss: appropriate limitations, policy wording, influence of overarching community standards (Academic Integrity, Acceptable Use, Code of Ethics), and implementation.