On Thu, Jul 30, 2009 at 05:27:27PM -0400, Phil Pinto wrote: > Just a couple of questions - are the code distribution methods locked > down to prevent malicious tampering from someone who may be interested > in selling access to millions of computer systems? Centos is very > pervasive in hosting companies around the world. Has Lances access > been restricted, to prevent injection of malicious code? ISO images are usually MD5 sum'd (or similar) and signed on most distros, and source code patches are typically visible to multiple people as part of the submission process. Source patches have to go upstream to be ultimately integrated into the CentOS distro. So the possibility of "vandalism" in these circumstances - eg. a known individual with access and high visibility, are very unlikely to be attempted and even more unlikely to succeed. I fear that making this kind of speculation, ascribing >potential< acts of vandalism to unamed but clearly identified specific persons, have only one major effect, to make a sore subject and the relationships of those involved even worse. We have only one issue that needs resolution and it is being handled by the people closest to the issue. The safety and continuance of CentOS is already assured and not in question. Hopefully we can refrain from this kind of Hype-driven scenario generating. After all - We aren't journalists. :-) The CentOS source is safely stored in multiple places including an upstream North American Enterprise level vendor. Truly we don't need to be concerned about its purity. The existing developers and multiple other code holders have taken care of that. Jeff Kinz. -- This text was created using speech recognition software. Some errors may be present in the transcription. A: Yes. >Q: Are you sure? >>A: Because it reverses the logical flow of conversation. >>>Q: Why is top posting frowned upon? _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos