Respository vandalism by root at ...fd.o
eich at suse.de
Tue Nov 23 08:48:33 PST 2010
On Tue, Nov 23, 2010 at 08:32:10AM -0800, Alan Coopersmith wrote:
> Gaetan Nadon wrote:
> > On Tue, 2010-11-23 at 13:57 +0100, Luc Verhaegen wrote:
> >> > It is clear that this is not a normal security breach, as this
> >> commit is
> >> > fully in line with the naming scheme used by fd.o. Plus, given the
> >> > history of radeonhd, combined with who i think have root access, makes
> >> > it seem quite likely that this was simply one of the people with
> >> regular
> >> > root access.
> > I had noticed this appalling commit, looked around and came to the same
> > conclusion.
> > I had also received an e-mail alerting me about this commit. This is not
> > a good use of our time.
> > The commit should actually be removed from the repository, or at least
> > reverted,
> > to save other people from wasting time on this. Their wiki states that
> > radeonhd is deprecated,
> > which is fine, but that does not mean it should be crippled.
> It's on a separate branch, not master. (Doesn't mean it's right, just
> that it's not actually going to cripple anything or waste time for anyone
> who doesn't ask for it.)
> The last update on the radeonhd master branch is 6 months ago.
It strikes me that this should be downplayed.
Please bear in mind that this is something which could happen
again at any time to any project and branch.
Either there is a security breech somewhere or someone with
admin priviledges has lost his marbles and clearly went over
the top. fd.o doesn't need either.
More information about the xorg