[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security incident on Alioth and other Alioth news

(Mail redirected to debian-project, and to the Alioth team contact)

On Wed, 06 Sep 2006, Raphael Hertzog wrote:
> This move will let us merge costa.d.o (svn/bzr/arch/git.d.o), and haydn.d.o
> (alioth.debian.org) on a single host. This also means that the transition can't

Thus guaranteeing that futher security incidents on a host that allows
people to install software are now going to affect the version control

Please reconsider.  svn/bzr/arch/git.d.o should run on an audited machine,
where we have little access other than enough to do local repository
maintenance, and where no untrusted software is allowed.

  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to: