[Xorg] New committer process?

Eric Anholt eta at lclark.edu
Mon Jun 14 19:35:43 PDT 2004


On Mon, 2004-06-14 at 11:37, Keith Packard wrote:
> Around 19 o'clock on Jun 14, Ely Levy wrote:
> 
> > Isn't SSH safe enough?
> > commiting with SSH sounds preety good way to prevent spoofing IMHO
> 
> My question was higher level -- how do we authenticate people we give
> accounts to on the machine in the first place.  Right now, we're mostly
> letting each project vette people with informal irc or email
> "authentication"; that works pretty well when you know the people involved,
> otherwise it doesn't work.
> 
> Once people have accounts on the machine, SSH had better provide a 
> reasonable level of security.  I'd certainly be a lot happier with a 
> more secure repository though (yes, CVS sucks, but no, we're not switching 
> right now).

One thing FreeBSD did was move theri repository to a separate machine
that mere mortals could only access remotely -- no direct editing of the
repository for non-admins.  That would make me feel a lot better.

-- 
Eric Anholt                                eta at lclark.edu          
http://people.freebsd.org/~anholt/         anholt at FreeBSD.org






More information about the xorg mailing list