On Wed, 2007-06-20 at 11:18 -0400, Alan Cox wrote: > On Wed, Jun 20, 2007 at 04:56:58PM +0200, Ralf Corsepius wrote: > > 1. He needs to be a Linux user > > 2. He needs to be deeply familiar with the Fedora build-system. > > 3. He will have to crack your passwords/ssh-phrases > > All false > > He needs to be a > 1. Trojan script > 2. Have been scripted to attack Fedora, or generically attack cvs > 3. Steal your ssh keys automatically via patched tools Or a man-in-the middle attack ... in such cases ACL's won't help at all. > Its a minor perl problem to produce such a tool and just wait for a Fedora > developer to catch it, then it can merge itself from one project into the > next and infect the next person whol builds it on their own box and so on > and so forth. Ralf -- Fedora-maintainers mailing list Fedora-maintainers@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers -- Fedora-maintainers-readonly mailing list Fedora-maintainers-readonly@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly
