Package database, SCM, ACLs, co-maintainership, and all that stuff
Jeffrey C. Ollie
jeff at ocjtech.us
Sat Aug 5 03:28:05 UTC 2006
On Sat, 2006-08-05 at 01:15 +0200, Christian Iseli wrote:
>
> One of the nagging questions is: how do we keep things as open as
> possible while ensuring that no malicious/bad edits are planted in
> packages.
>
> We can put controls at three points:
> 1. at the SCM level, with ACLs
> 2. at the build level, with a proper package database
> 3. at the package signing stage
* Minimal ACLs on SCM, so any authenticated user can commit changes to
any package. I'd recommend however ACLs to keep the directory structure
organized though.
* However, emails are generated to directly to all maintainers of a
particular area. That way unauthorized changes get noticed faster by
the maintainers.
* Builds can be initiated only by package maintainers and the security
team (so that security fixes can be pushed out quickly). The security
team would keep changes to the minimum necessary to resolve a security
problem.
* Before a build is initiated, the initiator would have to "approve"
somehow all of the changes made by non-maintainers. Not quite sure how
this would work, esp. given the need to track reversions of unapproved
changes.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-extras-list/attachments/20060804/80f3d94b/attachment.sig>
More information about the fedora-extras-list
mailing list