Vandalizing Open-Source Drivers?
Somebody with root access to the FreeDesktop.org server decided to vandalize the RadeonHD graphics driver in this Git commit. The make files were deleted and replaced with "It's dead, Jim" and a Git commit message line of "PERHAPS BONGHITS WILL FIX MY MAKEFILE." The supplied email address was "[email protected]."
While the RadeonHD driver is no longer actively developed, obviously this can come across as offensive to those who vigorously worked on this open-source Linux driver. More importantly though it puts into question the security of the FreeDesktop.org infrastructure. It took three weeks to spot as the Git notification email was not sent to the appropriate mailing list. Luc has already written to the mailing list.
"It is clear that this is not a normal security breach, as this commit is fully in line with the naming scheme used by fd.o. Plus, given the history of radeonhd, combined with who i think have root access, makes it seem quite likely that this was simply one of the people with regular root access," says Luc Verhaegen.
Fortunately, with Git such childish actions can be easily reverted.
While the RadeonHD driver is no longer actively developed, obviously this can come across as offensive to those who vigorously worked on this open-source Linux driver. More importantly though it puts into question the security of the FreeDesktop.org infrastructure. It took three weeks to spot as the Git notification email was not sent to the appropriate mailing list. Luc has already written to the mailing list.
"It is clear that this is not a normal security breach, as this commit is fully in line with the naming scheme used by fd.o. Plus, given the history of radeonhd, combined with who i think have root access, makes it seem quite likely that this was simply one of the people with regular root access," says Luc Verhaegen.
Fortunately, with Git such childish actions can be easily reverted.
51 Comments