Announcement

Collapse
No announcement yet.

Vandalizing Open-Source Drivers?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #21
    I'll take it as a hint since I registered in 2009.

    Comment


    • #22
      Originally posted by etnlWings View Post
      The moral of the story: lulz were had, no permanent damage was done, some people got butthurt.
      No. Moral of the story, someone with root access on those servers thinks playing pranks is a good use of the trust people have given him. Harmless or not, this is a pretty bad look for FD.o...

      Comment


      • #23
        Originally posted by stikonas View Post
        And even if rebasing published repositories is not recommended, in this case it is probably a good idea, there is no need to tolerate vandalism even if the project is not thriving.
        Exactly, so what is there to gain by even pulling such really childish crap like that on some project that's been rather moribund? Security needs to be tightened up and git's the better way to go about managing a source tree.

        Vandalism like this should NEVER be tolerated at any level. It would be good to remove the entire vandalized tree and replace with a last known good version of the tree.

        Comment


        • #24
          Originally posted by crazycheese View Post
          At least you could post "Fck microsoft" instead.
          Just joking )
          Wish the prankster put "Steve Ballmer was here" instead into the commit so even more lulz would be had :^)

          Comment


          • #25
            Originally posted by Delgarde View Post
            No. Moral of the story, someone with root access on those servers thinks playing pranks is a good use of the trust people have given him. Harmless or not, this is a pretty bad look for FD.o...
            You know what concerns me? If somebody can delete an entire git tree without anyone knowing, then how can one detect a simple backdoor?

            Comment


            • #26
              Originally posted by V!NCENT View Post
              You know what concerns me? If somebody can delete an entire git tree without anyone knowing, then how can one detect a simple backdoor?
              I doubt that this would be unnoticed unless the tree is unused. If the tree is used, then there are lots of its copies and git will complain if somebody tries to introduce some backdoor into the tree (git check SHA1 hashes of the commits).

              Comment


              • #27
                It was Adam Jackson: http://lists.x.org/archives/xorg-dev...er/015901.html
                Michael Larabel
                http://www.michaellarabel.com/

                Comment


                • #28
                  Originally posted by DeepDayze View Post
                  Exactly, so what is there to gain by even pulling such really childish crap like that on some project that's been rather moribund? Security needs to be tightened up and git's the better way to go about managing a source tree.

                  Vandalism like this should NEVER be tolerated at any level. It would be good to remove the entire vandalized tree and replace with a last known good version of the tree.
                  The vandalism was one added commit on a new branch, so restoring the tree is as simple as deleting the branch. Git is pretty good about guaranteeing that nothing else was changed as long as the commit IDs for the other branches weren't changed. Somebody will obviously have to verify those against known good copies, though.

                  Comment


                  • #29
                    Originally posted by V!NCENT View Post
                    You know what concerns me? If somebody can delete an entire git tree without anyone knowing, then how can one detect a simple backdoor?
                    Where the hell are you getting that a git tree was deleted?

                    Comment


                    • #30
                      Originally posted by Michael View Post
                      He is VERY lucky not being in some corporate entity. Sorry won't be enough - they'd claim $100 Bln compensation from him. Bad moral mood my *** (sorry).

                      Comment

                      Working...
                      X