[Xorg] New committer process?
Eric Anholt
eta at lclark.edu
Mon Jun 14 19:35:43 PDT 2004
On Mon, 2004-06-14 at 11:37, Keith Packard wrote:
> Around 19 o'clock on Jun 14, Ely Levy wrote:
>
> > Isn't SSH safe enough?
> > commiting with SSH sounds preety good way to prevent spoofing IMHO
>
> My question was higher level -- how do we authenticate people we give
> accounts to on the machine in the first place. Right now, we're mostly
> letting each project vette people with informal irc or email
> "authentication"; that works pretty well when you know the people involved,
> otherwise it doesn't work.
>
> Once people have accounts on the machine, SSH had better provide a
> reasonable level of security. I'd certainly be a lot happier with a
> more secure repository though (yes, CVS sucks, but no, we're not switching
> right now).
One thing FreeBSD did was move theri repository to a separate machine
that mere mortals could only access remotely -- no direct editing of the
repository for non-admins. That would make me feel a lot better.
--
Eric Anholt eta at lclark.edu
http://people.freebsd.org/~anholt/ anholt at FreeBSD.org
More information about the xorg
mailing list