Python, VCSs, ssh keys and Transifex
Jeroen van Meeuwen
kanarip at kanarip.com
Sun Jul 15 13:34:37 UTC 2007
Dimitris Glezos wrote:
> O/H Karsten Wade έγραψε:
>> On Sat, 2007-07-14 at 00:55 +0200, Jeroen van Meeuwen wrote:
>>> Mike McGrath wrote:
>>>> This is my worry too. It's almost enough to make me not want to do it
>>>> for non Fedora projects but thats just bad. I'm hoping someone here has
>>>> a good, clever way to solve this issue.
>> The benefits of these new tools far outweigh the relatively slight
>> risks. We really must step up and find a way to make it work.
>>
>> My vote is simple: we do the best we can, we spell out what the
>> security is and the risks involved, and we put that in front of upstream
>> projects. We ask them to agree (via email?) to the risk/reward balance
>> we present. [...]
>>
>> Security risk assessment is never about, "No matter the cost, I will
>> secure this until it is unbreakable." That guarantee comes from a pair
>> of wire cutters used on the CAT(5) between the server and the switch.
>> Great for security, bad for business. [...]
>>
Along these thoughts and Dimitris', having a transifexd running under
User A to collect to translations, and another User B to do the actual
commits and pushes with, seems to be the best design. SELinux protection
of course, is mandatory, although it doesn't prevent a compromised
transifexd from putting 'malicious' file in User B's commit/push queue.
Kind regards,
Jeroen van Meeuwen
-kanarip
More information about the Fedora-infrastructure-list
mailing list