proposal for fedora11 feature ReviewOMatic

Bill Nottingham notting at redhat.com
Mon Jan 5 18:58:27 UTC 2009


Jason L Tibbitts III (tibbs at math.uh.edu) said: 
> BN> This allows uncredentialed users to DoS (or worse) the build
> BN> system, does it not?
> 
> It does.  But then, nobody was concerned about this when I indicated
> that I would be building many untrusted packages in koji and surely
> any automated system would issue its builds at low priority anyway.

Right, but you're an authorized user who (may) do some sort of rudimentary
check for '100 GB source tarball' or 'is an obvious trojan', etc. before
submitting the build. Would this automated system do that?

Bill




More information about the fedora-devel-list mailing list