Respository vandalism by root at ...fd.o

Egbert Eich eich at freedesktop.org
Tue Nov 23 09:27:16 PST 2010


On Tue, Nov 23, 2010 at 08:32:10AM -0800, Alan Coopersmith wrote:
> Gaetan Nadon wrote:
> > On Tue, 2010-11-23 at 13:57 +0100, Luc Verhaegen wrote:
> >> > It is clear that this is not a normal security breach, as this
> >> commit is
> >> > fully in line with the naming scheme used by fd.o. Plus, given the
> >> > history of radeonhd, combined with who i think have root access, makes
> >> > it seem quite likely that this was simply one of the people with
> >> regular
> >> > root access.
> >>
> > I had noticed this appalling commit, looked around and came to the same
> > conclusion.
> > I had also received an e-mail alerting me about this commit. This is not
> > a good use of our time.
> > 
> > The commit should actually be removed from the repository, or at least
> > reverted,
> > to save other people from wasting time on this. Their wiki states that
> > radeonhd is deprecated,
> > which is fine, but that does not mean it should be crippled.
> 
> It's on a separate branch, not master.   (Doesn't mean it's right, just
> that it's not actually going to cripple anything or waste time for anyone
> who doesn't ask for it.)
> 
> The last update on the radeonhd master branch is 6 months ago.
> 

Alan,

It strikes me that this should be downplayed.
Please bear in mind that this is something which could happen 
again at any time to any project and branch.
Either there is a security breech somewhere or someone with 
admin priviledges has lost his marbles and clearly went over 
the top. fd.o doesn't need either.

Regards,
	Egbert.


More information about the xorg-devel mailing list