Respository vandalism by root at ...fd.o
Luc Verhaegen
libv at skynet.be
Tue Nov 23 22:31:38 PST 2010
On Tue, Nov 23, 2010 at 03:36:58PM -0800, Alan Coopersmith wrote:
> Alan Cox wrote:
> >> It's on a separate branch, not master. (Doesn't mean it's right, just
> >> that it's not actually going to cripple anything or waste time for anyone
> >> who doesn't ask for it.)
> >
> > And how many other un-noticed commits did this person make ? Until you
> > know that you have to assume a complete compromise.
>
> Understood, but you'll also understand that's something we have to ask the
> freedesktop.org admins to investigate. Like most X.Org developers, I
> can't even login to the server hosting git other than with the restricted
> shell used for git pushes.
See, this was exactly the problem here. It _was_ a freedesktop admin.
And it was pretty clear that it was that from the onset too. Mailing
fd.o admins, even if i could've dug up an email address in the split
second that i wrote the email (heck, i even mistyped repository), was
not the right course of action.
Luc Verhaegen.
More information about the xorg-devel
mailing list