Re: Security incident on Alioth and other Alioth news

To: debian-project@lists.debian.org
Cc: admin@alioth.debian.org, hmh@debian.org
Subject: Re: Security incident on Alioth and other Alioth news
From: Raphael Hertzog <hertzog@debian.org>
Date: Fri, 8 Sep 2006 09:05:04 +0200
Message-id: <[🔎] 20060908070504.GC22292@ouaza.com>
Mail-followup-to: debian-project@lists.debian.org, admin@alioth.debian.org, hmh@debian.org
In-reply-to: <[🔎] 20060907235839.GA20122@khazad-dum.debian.net>
References: <20060906102554.GL13426@ouaza.com> <[🔎] 20060906141313.GB11369@khazad-dum.debian.net> <[🔎] 20060906170454.GC16248@ouaza.com> <[🔎] 20060906210811.GA28812@khazad-dum.debian.net> <[🔎] 20060907074607.GF16248@ouaza.com> <[🔎] 20060907235839.GA20122@khazad-dum.debian.net>

[ This is the last public response, just to let other potential volunteers
jump in, the rest of the discussion should continue between
admin@alioth.debian.org and the people interested to help ]

On Thu, 07 Sep 2006, Henrique de Moraes Holschuh wrote:
> I am not ordering anyone to do anything.  Sorry if it sounded like this, but
> on the other hand, I did not appreciate your sarcastic reply either, which
> is why I used a tongue-in-cheek tone.

Sorry if my mail sounded like sarcastic, it was just an honest answer of
the current situation.

> Well, what could I help you with that would allow Alioth to drop password
> logins?

Let's start discussing the consequences. Do other Alioth admins have a
problem changing this configuration?

(please keep hmh in the CC when replying to)

> > Are you volunteering to help us on a daily basis or are you only giving
> > orders to your fellow ?
> 
> Sure I can help.  Please point me and other volunteers to where we can find
> a task list, and how do we coordinate with you guys.

Sorry I won't publish a public task list but I can tell any interested
individuals what we have to do (or rather what we should do).

Right now, the biggest part where you can help us is in the review of the
all web apps that are installed. I expect the difficult part is to come up
with a working single-host but multi-site configuration for each of those.
We'll certainly have to work with the maintainers of some of those
packages (when they are already packaged).

If some more volunteers would like to help, feel free to join.

Cheers,
-- 
Raphaël Hertzog

Premier livre français sur Debian GNU/Linux :
http://www.ouaza.com/livre/admin-debian/

Reply to:

References:
- Re: Security incident on Alioth and other Alioth news
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: Security incident on Alioth and other Alioth news
  - From: Raphael Hertzog <hertzog@debian.org>
- Re: Security incident on Alioth and other Alioth news
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: Security incident on Alioth and other Alioth news
  - From: Raphael Hertzog <hertzog@debian.org>
- Re: Security incident on Alioth and other Alioth news
  - From: Henrique de Moraes Holschuh <hmh@debian.org>

Prev by Date: Re: Security incident on Alioth and other Alioth news
Next by Date: Draft ballot for the assets constitutional GR
Previous by thread: Re: Security incident on Alioth and other Alioth news
Next by thread: Curso de Linux
Index(es):
- Date
- Thread