[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security incident on Alioth and other Alioth news

On Wed, 06 Sep 2006, Henrique de Moraes Holschuh wrote:
> On Wed, 06 Sep 2006, Raphael Hertzog wrote:
> > Running svn/bzr/arch/git on a separate machine adds very little security
> > since all the accounts of costa are copies of the accounts on alioth. And
> Time to fix that, then.
> Just remove all password-based shell access, make it key-based only.

Please stop giving me orders.

I've spent a whole day handling this security issue, I've already spent
many nights preparing the move to the new Alioth.

We're improving the security and we're way better than a few months
ago, so I don't need someone to lecture me about security.

We're open to suggestion, we're open for discussion, we're open for help
too. Alioth/Gforge has an integrated SSH key handling mechanism and we
could indeed remove the password based login (even if we keep everything
on a single host).

> However, getting more rights is just a matter of waiting for the next kernel
> exploit (just like the attacker did in the last @d.o compromise before
> Alioth).  Unless Alioth updates kernels now on a very narrow time window,
> that even our security team is not capable of meeting?

It's not only about time to update the kernel. In the last root
compromise, the whole was present for quite a long time and it was fixed
for quite a long time, it's just that nobody knew how severe the whole
was and that is was effectively exploitable.

> Well, maybe it is time to consider improving the security setup instead of
> making it worse...

Are you volunteering to help us on a daily basis or are you only giving
orders to your fellow ?

BTW, please read
and understand that we're improving the situation on many fronts. But it's
not a one day job and we can't "just do it".

Raphaël Hertzog

Premier livre français sur Debian GNU/Linux :

Reply to: