[Xorg] New committer process?
Keith Packard
keithp at keithp.com
Mon Jun 14 11:37:01 PDT 2004
Around 19 o'clock on Jun 14, Ely Levy wrote:
> Isn't SSH safe enough?
> commiting with SSH sounds preety good way to prevent spoofing IMHO
My question was higher level -- how do we authenticate people we give
accounts to on the machine in the first place. Right now, we're mostly
letting each project vette people with informal irc or email
"authentication"; that works pretty well when you know the people involved,
otherwise it doesn't work.
Once people have accounts on the machine, SSH had better provide a
reasonable level of security. I'd certainly be a lot happier with a
more secure repository though (yes, CVS sucks, but no, we're not switching
right now).
-keith
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://lists.x.org/archives/xorg/attachments/20040614/987941cd/attachment.pgp>
More information about the xorg
mailing list