Re: Python, VCSs, ssh keys and Transifex

[Jeroen van Meeuwen <kanarip kanarip com>]

Dimitris Glezos wrote:
> O/H Karsten Wade έγραψε:
>> On Sat, 2007-07-14 at 00:55 +0200, Jeroen van Meeuwen wrote:
>>> Mike McGrath wrote:
>>>> This is my worry too.  It's almost enough to make me not want to do it
>>>> for non Fedora projects but thats just bad.  I'm hoping someone here has
>>>> a good, clever way to solve this issue.
>>  The benefits of these new tools far outweigh the relatively slight
>> risks.  We really must step up and find a way to make it work.
>>
>> My vote is simple:  we do the best we can, we spell out what the
>> security is and the risks involved, and we put that in front of upstream
>> projects.  We ask them to agree (via email?) to the risk/reward balance
>> we present. [...]
>>
>> Security risk assessment is never about, "No matter the cost, I will
>> secure this until it is unbreakable."  That guarantee comes from a pair
>> of wire cutters used on the CAT(5) between the server and the switch.
>> Great for security, bad for business. [...]
>>

Along these thoughts and Dimitris', having a transifexd running under
User A to collect to translations, and another User B to do the actual
commits and pushes with, seems to be the best design. SELinux protection
of course, is mandatory, although it doesn't prevent a compromised
transifexd from putting 'malicious' file in User B's commit/push queue.

Kind regards,

Jeroen van Meeuwen
-kanarip