Re: Security incident on Fedora infrastructure on 23 Jan 2011

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 25 Jan 2011 17:10:20 -0500
Ricky Zhou <ricky@xxxxxxxxxxxxxxxxx> wrote:

> > Additionally it would be nice to investigate whether the account was
> > used to access the test machine resources for package maintainers:
> > https://fedoraproject.org/wiki/Test_Machine_Resources_For_Package_Maintainers
> Good point.  We don't run those machines, and all packagers have sudo
> there , so Fedora packagers should consider it unsafe to forward their
> SSH agent or enter any sensitive information on those machines.  We'll
> get in touch with Kevin about checking those machines though.

I see no evidence of tampering on those machines. 

I checked the logs of the firewall in front of them (that logs all ssh
connections to them) against the lastlogs on each. There's no 'missing'
ssh connections or connections from this account. 

Thanks for asking. ;) 

kevin

Attachment: signature.asc
Description: PGP signature

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux