Re: Security incident on Alioth and other Alioth news
On Wed, 06 Sep 2006, Henrique de Moraes Holschuh wrote:
> On Wed, 06 Sep 2006, Raphael Hertzog wrote:
> > Running svn/bzr/arch/git on a separate machine adds very little security
> > since all the accounts of costa are copies of the accounts on alioth. And
>
> Time to fix that, then.
[...]
> Just remove all password-based shell access, make it key-based only.
Please stop giving me orders.
I've spent a whole day handling this security issue, I've already spent
many nights preparing the move to the new Alioth.
We're improving the security and we're way better than a few months
ago, so I don't need someone to lecture me about security.
We're open to suggestions, we're open to discussion, we're open to help
too. Alioth/Gforge has an integrated SSH key handling mechanism and we
could indeed remove the password-based login (even if we keep everything
on a single host).
> However, getting more rights is just a matter of waiting for the next kernel
> exploit (just like the attacker did in the last @d.o compromise before
> Alioth). Unless Alioth now updates kernels within a very narrow time window,
> one that even our security team is not capable of meeting?
It's not only about time to update the kernel. In the last root
compromise, the hole was present for quite a long time and it was fixed
for quite a long time; it's just that nobody knew how severe the hole
was and that it was effectively exploitable.
> Well, maybe it is time to consider improving the security setup instead of
> making it worse...
Are you volunteering to help us on a daily basis or are you only giving
orders to your fellows?
BTW, please read
http://lists.debian.org/debian-project/2006/09/msg00058.html
and understand that we're improving the situation on many fronts. But it's
not a one-day job and we can't "just do it".
Cheers,
--
Raphaël Hertzog
First French book on Debian GNU/Linux:
http://www.ouaza.com/livre/admin-debian/
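The suggestion in the quoted text, "remove all password-based shell access, make it key-based only", is an sshd_config change, and the usual way it goes wrong is that an admin appends `PasswordAuthentication no` to a file that already says `yes` higher up: sshd takes the first occurrence of a keyword, and anything after a `Match` line is conditional. The script below is an added example, not code from the thread, from Alioth or from Gforge. It assumes OpenSSH's config semantics (first occurrence wins, `Match` starts a conditional block, keywords are case-insensitive, `ChallengeResponseAuthentication` is the pre-8.7 name of `KbdInteractiveAuthentication`) and OpenSSH's default of `yes` for the authentication switches; the two sample configs are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: audit an sshd_config for password-based shell logins.
# Not part of the Alioth thread; assumes OpenSSH configuration semantics.

lower() { printf '%s' "$1" | tr 'A-Z' 'a-z'; }

# Print the effective GLOBAL value of keyword $2 in file $1, or default $3
# when the file does not set it. Mirrors sshd: comments stripped, keywords
# case-insensitive, "Keyword = value" accepted, the FIRST occurrence wins,
# and parsing stops at the first Match line (everything after it is
# conditional and must not be counted as the global setting).
effective_setting() {
  file=$1
  key=$(lower "$2")
  default=$3
  awk -v key="$key" -v def="$default" '
    { sub(/#.*/, "") }                                  # drop comments
    { sub(/[ \t]*=[ \t]*/, " ") }                       # allow Keyword = value
    NF == 0 { next }                                    # skip blank lines
    tolower($1) == "match" { exit }                     # conditional block; stop
    tolower($1) == key { found = 1; print $2; exit }    # first occurrence wins
    END { if (!found) print def }                       # fall back to sshd default
  ' "$file"
}

# Returns 0 only when the config accepts no password path at all:
# PasswordAuthentication off, keyboard-interactive (the PAM password prompt)
# off, and public-key auth still on so key-based login remains possible.
password_logins_disabled() {
  cfg=$1
  pw=$(lower "$(effective_setting "$cfg" PasswordAuthentication yes)")
  # OpenSSH 8.7+ calls the keyboard-interactive switch
  # KbdInteractiveAuthentication; older releases use
  # ChallengeResponseAuthentication. Honour whichever the file sets.
  kbd=$(lower "$(effective_setting "$cfg" KbdInteractiveAuthentication "")")
  [ -n "$kbd" ] || kbd=$(lower "$(effective_setting "$cfg" ChallengeResponseAuthentication yes)")
  pubkey=$(lower "$(effective_setting "$cfg" PubkeyAuthentication yes)")

  status=0
  [ "$pw" = no ]      || { echo "$cfg: PasswordAuthentication is '$pw'"; status=1; }
  [ "$kbd" = no ]     || { echo "$cfg: keyboard-interactive (PAM password) auth is '$kbd'"; status=1; }
  [ "$pubkey" = yes ] || { echo "$cfg: PubkeyAuthentication is '$pubkey'; key-only login impossible"; status=1; }
  [ "$status" -eq 0 ] && echo "$cfg: password logins disabled, key-based only"
  return "$status"
}

# Constructed sample: looks hardened at the bottom but is not.
write_weak_config() {
  cat > "$1" <<'EOF'
# constructed sample sshd_config, not Alioth's real one
Port 22
Protocol 2
PasswordAuthentication yes
ChallengeResponseAuthentication yes
UsePAM yes
# appended later by an admin; sshd ignores it because the first
# PasswordAuthentication line above wins
PasswordAuthentication no
Match User gitbot
    PasswordAuthentication no
EOF
}

# Constructed sample: the corrected, key-only form.
write_hardened_config() {
  cat > "$1" <<'EOF'
# constructed sample sshd_config: key-based shell access only
Port 22
Protocol 2
PubkeyAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM yes
EOF
}

# Demo: audit both constructed samples (usage on a real host would be
# "password_logins_disabled /etc/ssh/sshd_config").
demo_dir=$(mktemp -d)
write_weak_config "$demo_dir/weak"
write_hardened_config "$demo_dir/hardened"
password_logins_disabled "$demo_dir/weak" || true
password_logins_disabled "$demo_dir/hardened"
rm -rf "$demo_dir"
```

Note that the script only reads the file; `sshd -T` on the host itself is the authoritative way to print the effective configuration, and a change like this should be tested from a second session before the existing one is closed, since a lost key means a lost login.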