[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: FAKE: Fedora Extras shipped popular package with rootkit and more than ten thousands systems were infected (was Re: Summary from last weeks FESCo meeting)

From: Paul P Komkoff Jr <i stingr net>
To: Discussion related to Fedora Extras <fedora-extras-list redhat com>
Subject: Re: FAKE: Fedora Extras shipped popular package with rootkit and more than ten thousands systems were infected (was Re: Summary from last weeks FESCo meeting)
Date: Thu, 1 Jun 2006 16:19:15 +0400

Replying to Thorsten Leemhuis:
> 4. checkout some popular packages, upload new tarballs with a slightly
> different names and a root-kit in it. Modify the "Source0" accordingly  
> 5. commit the changes, hit "CTRL-C" at the right point of time so the
> commit-message is not send to commits-list

Either I am wrong or this clearly shows a major flaw in current
infrastructure when any with commit access can modify anything in the
extras tree?

-- 
Paul P 'Stingray' Komkoff Jr // http://stingr.net/key <- my pgp key
 This message represents the official view of the voices in my head

Follow-Ups:
- Re: FAKE: Fedora Extras shipped popular package with rootkit and more than ten thousands systems were infected (was Re: Summary from last weeks FESCo meeting)
  - From: Hans de Goede

References:
- FAKE: Fedora Extras shipped popular package with rootkit and more than ten thousands systems were infected (was Re: Summary from last weeks FESCo meeting)
  - From: Thorsten Leemhuis
- Re: FAKE: Fedora Extras shipped popular package with rootkit and more than ten thousands systems were infected (was Re: Summary from last weeks FESCo meeting)
  - From: Thorsten Leemhuis

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]