FAKE: Fedora Extras shipped popular package with rootkit and more than ten thousands systems were infected (was Re: Summary from last weeks FESCo meeting)
Hans de Goede
j.w.r.degoede at hhs.nl
Fri Jun 2 08:21:30 UTC 2006
Nicolas Mailhot wrote:
> Hi,
>
> You don't need complex ACL features to make the current system a lot
> more secure. Just :
> - ironclad the mail sending on commit
> - systematically send a copy of the commit message to the list of
> maintainers associated with a package (most maintainers do not have time
> to follow the full FE commit list)
> - when a package build is requested, send a magic cookie to all the
> associated maintainers and the security team and do not push the build
> till the cookie is returned by mail by one of them
> - setup a webscm somewhere and automatically create user profiles which
> include history views of all the packages associated with each
> individual FE member.
>
> Because, you know, if we make sure everything which happens is
> communicated to the right people before the result is pushed to users
> there is absolutely no need to protect against malicious users. Besides
> re-reading their changes this will help maintainers catch their own
> honest mistakes.
>
>
Very very good idea! + a zillion.
One note though:
> - systematically send a copy of the commit message to the list of
> maintainers associated with a package (most maintainers do not have time
> to follow the full FE commit list)
I thinks this should include the sponsor too (for a sponsor configurable
amount of time from the sponsering).
Regards,
Hans
More information about the fedora-extras-list
mailing list