On Wed, 2007-01-31 at 13:55 -0500, seth vidal wrote: > On Wed, 2007-01-31 at 12:51 -0600, Josh Boyer wrote: > > On Wed, 2007-01-31 at 09:45 -0800, David Lutterkort wrote: > > > On Wed, 2007-01-31 at 07:55 -0800, Christopher Stone wrote: > > > > And people at redhat are completely immune to such attacks while the > > > > extra packagers are so nieve that it is very likely to happen once we > > > > open up the core cvs. > > > > > > Don't look at this as a Red Hat vs. the rest of the world thing: even > > > though I have a redhat.com mailing address, I don't expect to get commit > > > access to the kernel, or glibc or 99% of the rest of the Fedora > > > packages. > > > > > > And I don't want it: not having that access limits the things I need to > > > worry about if my account gets compromised. My packages could still have > > > been messed with, but at least it won't ripple into _all_ of Fedora > > > needing an audit to make sure that a break into my account didn't > > > compromise the distro. > > > > This is, perhaps, the sanest explanation of why the ACLs aren't entirely > > a bad thing. > > > > I don't think anyone is arguing that they are entirely a bad thing. In > fact I'm completely cool w/them. I just don't like the attitude coming > from some of the posters to this thread that the unwashed masses outside > of red hat will have their accounts cracked and that will allow the > crackers to compromise red hat's internal network. Yeah, I know. And I agree. I was just trying not to add more fuel to the flames ;) > Maybe then the crackers will have control of the weather manipulation > machine. Hopefully they'll have the sense to warm things up here in MN. josh -- Fedora-maintainers mailing list Fedora-maintainers@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers -- Fedora-maintainers-readonly mailing list Fedora-maintainers-readonly@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly
