Repository vandalism by root at ...fd.o

Alan Coopersmith alan.coopersmith at oracle.com
Wed Nov 24 07:24:21 PST 2010


Eirik Byrkjeflot Anonsen wrote:
> 2. What systems do we have in place that enables us to detect "evil
>    commits" once they actually make their way into the repository?  What
>    is the probability that they will be noticed?  Can we do anything to
>    increase this probability?

Distributed version control.   Developers should notice when attempting to push
to git if head had changed unexpectedly.   I'm sure Google can find you some
background reading about how this works in git.

> 3. When incidents are detected (break-ins, abuse of admin rights, evil
>    commits, what have you...), what processes are in place to deal with
>    this?  What information is published, and in which fora, and when?
>    What investigations are performed, and what actions are carried out
>    as a result of such investigations?  Where are these processes
>    documented?

Those would be questions for our hosting provider, freedesktop.org.
X.Org does not control the freedesktop.org machines.   There is a large
overlap in the groups, but we do not have the authority to speak for them.

-- 
	-Alan Coopersmith-        alan.coopersmith at oracle.com
	 Oracle Solaris Platform Engineering: X Window System
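
An added example, not part of the original message: a shell check that classifies how a remote branch moved since the last fetch, flagging the case where the old head is no longer an ancestor of the new one. The names `classify_remote_move` and `demo`, the branch name `main`, and the throwaway repositories are assumptions made for illustration; a "fast-forward" result only means history was appended to, so the new commits still need review.

```shell
#!/bin/sh
# Classify how <remote>/<branch> moved since this clone last fetched it.
# Prints: no-baseline, unchanged, fast-forward, or rewritten.
classify_remote_move() {
    repo=$1 remote=$2 branch=$3
    ref="refs/remotes/$remote/$branch"
    # The remote-tracking ref is our record of the head we last saw.
    old=$(git -C "$repo" rev-parse --verify -q "$ref") || { echo no-baseline; return 0; }
    # "+" lets the tracking ref follow a forced update so we can inspect it.
    git -C "$repo" fetch -q "$remote" "+refs/heads/$branch:$ref" || return 2
    new=$(git -C "$repo" rev-parse --verify -q "$ref")
    if [ "$old" = "$new" ]; then
        echo unchanged
    elif git -C "$repo" merge-base --is-ancestor "$old" "$new"; then
        echo fast-forward      # old head is still part of the new history
    else
        echo rewritten         # old head was dropped: history was replaced
    fi
}

# Constructed scenario: a bare "server" repo, an "admin" clone that pushes,
# and a "dev" clone that runs the check after each server-side change.
demo() {
    tmp=$(mktemp -d) || return 1
    g() { git -c user.name=demo -c user.email=demo@example.invalid "$@"; }
    git init -q --bare "$tmp/server.git"
    git init -q "$tmp/admin"
    g -C "$tmp/admin" commit -q --allow-empty -m "first"
    g -C "$tmp/admin" push -q "$tmp/server.git" HEAD:refs/heads/main
    git init -q "$tmp/dev"
    git -C "$tmp/dev" remote add origin "$tmp/server.git"
    git -C "$tmp/dev" fetch -q origin            # establish the baseline
    r1=$(classify_remote_move "$tmp/dev" origin main)
    g -C "$tmp/admin" commit -q --allow-empty -m "second"
    g -C "$tmp/admin" push -q "$tmp/server.git" HEAD:refs/heads/main
    r2=$(classify_remote_move "$tmp/dev" origin main)
    # Replace the tip commit and force it onto the server.
    g -C "$tmp/admin" commit -q --amend --allow-empty -m "second, altered"
    g -C "$tmp/admin" push -q -f "$tmp/server.git" HEAD:refs/heads/main
    r3=$(classify_remote_move "$tmp/dev" origin main)
    rm -rf "$tmp"
    echo "$r1 $r2 $r3"
}
```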


