On Wed, 2007-01-31 at 09:45 -0800, David Lutterkort wrote: > On Wed, 2007-01-31 at 07:55 -0800, Christopher Stone wrote: > > And people at redhat are completely immune to such attacks while the > > extra packagers are so nieve that it is very likely to happen once we > > open up the core cvs. > > Don't look at this as a Red Hat vs. the rest of the world thing: even > though I have a redhat.com mailing address, I don't expect to get commit > access to the kernel, or glibc or 99% of the rest of the Fedora > packages. > > And I don't want it: not having that access limits the things I need to > worry about if my account gets compromised. My packages could still have > been messed with, but at least it won't ripple into _all_ of Fedora > needing an audit to make sure that a break into my account didn't > compromise the distro. This is, perhaps, the sanest explanation of why the ACLs aren't entirely a bad thing. Thanks, josh -- Fedora-maintainers mailing list Fedora-maintainers@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers -- Fedora-maintainers-readonly mailing list Fedora-maintainers-readonly@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly
