On Wed, 2007-01-31 at 15:54 +0100, Till Maas wrote: > On Wednesday 31 January 2007 15:45, Dan Williams wrote: > > > For build submissions, it would seem fairly easy to have the build > > system check the pkg.acl from it's pristine pkgcvs checkout and ensure > > that the job owner is listed in the pkg.acl file, and otherwise fail the > > job. That's not as ideal as a real accounts system, since the buildsys > > Is this really needed? As far as I understand how the buildsystem works, it > checks the cvs out with the requested tag. So it would always only build the > stuff that someone who is authorized by cvs acls commited and tagged. Or am I > wrong here? Right, but anyone can request a build from any tag at any time. So if you tag something, but don't build it, then figure out that a security issues requires a new version, somebody else could have built your other one in the mean time. The attack is a lot less serious than allowing anyone to build anything, of course (since only the package owner can tag) but it does leave a few "holes" like this lying around. Dan -- Fedora-maintainers mailing list Fedora-maintainers@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers -- Fedora-maintainers-readonly mailing list Fedora-maintainers-readonly@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly
