Respository vandalism by root at ...fd.o

Peter Hutterer peter.hutterer at who-t.net
Wed Nov 24 00:33:19 PST 2010


On 24/11/10 18:00 , Eirik Byrkjeflot Anonsen wrote:
> 1. What systems do we have in place that enables us to detect when a
>     "trusted admin" acts in "bad judgement" or with "evil intent"?  What
>     is the probability that such actions will be noticed?  Can we do
>     anything to increase this probability?
>
> 2. What systems do we have in place that enables us to detect "evil
>     commits" once they actually make their way into the repository?  What
>     is the probability that they will be noticed?  Can we do anything to
>     increase this probability?

git is designed to not be screwed with easily, so the chance of bad 
commits being detected is quite high.
for well-maintained repositories, we tend to notice quite quickly. I'm 
sure keith would notice whenever he can't push to xserver because no-one 
else is supposed to commit to it.

The same is true for other repositories, so the best safeguard here is 
"active maintainership".

> 3. When incidents are detected (break-ins, abuse of admin rights, evil
>     commits, what have you...), what processes are in place to deal with
>     this?  What information is published, and in which fora, and when?
>     What investigations are performed, and what actions are carried out
>     as a result of such investigations?  Where are these processes
>     documented?

I think in this particular case, a large number of insiders likely 
assumed a prank before it was called out. There is a history of 
disagreements between some of the X.Org developers and Luc and the 
radeonhd project, so having this happen to this particular repository is 
not that surprising after all (Note, this does not excuse the action, 
merely explain some of the reactions). I'd have been more worried if 
that had happened to e.g. the xserver repo.

I don't think we have any official processes right now and certainly 
none documented. Sending emails to the list to raise awareness is a good 
approach IMO and Luc's first few emails were informative. The later part 
of the thread somewhat lost usefulness when it descended to the usual 
fights, conspiracy theories and name-calling. Staying on-topic should be 
an essential part of any official process...

Cheers,
   Peter




More information about the xorg mailing list