Respository vandalism by root at ...fd.o

Alan Cox alan at lxorguk.ukuu.org.uk
Wed Nov 24 03:18:20 PST 2010


> > See, this was exactly the problem here. It _was_ a freedesktop admin.
> > And it was pretty clear that it was that from the onset too. Mailing
> > fd.o admins, even if i could've dug up an email address in the split
> > second that i wrote the email (heck, i even mistyped repository), was
> > not the right course of action.
> 
> So you mailed 2 mailing lists consisting of 2-300 people who could do
> nothing about it?

He ensured the problem was noticed, and that it got out to people who
depend upon the repository being secure and properly managed. In this
case that turns out to have ensured the offender admitted to something
silly but if it had been a more serious attack it would also have ensured
people relying on the repository knew what was going on.

Security through bad mouthing the messenger for raising the issue is
normally reserved for government ministers, IMHO it has no place here.




More information about the xorg mailing list