Page 3 of 6 FirstFirst 12345 ... LastLast
Results 21 to 30 of 52

Thread: Vandalizing Open-Source Drivers?

  1. #21
    Join Date
    Aug 2009
    Posts
    2,264

    Default

    I'll take it as a hint since I registered in 2009.

  2. #22
    Join Date
    Apr 2010
    Posts
    797

    Default

    Quote Originally Posted by etnlWings View Post
    The moral of the story: lulz were had, no permanent damage was done, some people got butthurt.
    No. Moral of the story, someone with root access on those servers thinks playing pranks is a good use of the trust people have given him. Harmless or not, this is a pretty bad look for FD.o...

  3. #23
    Join Date
    Sep 2007
    Location
    Connecticut,USA
    Posts
    974

    Default

    Quote Originally Posted by stikonas View Post
    And even if rebasing published repositories is not recommended, in this case it is probably a good idea, there is no need to tolerate vandalism even if the project is not thriving.
    Exactly, so what is there to gain by even pulling such really childish crap like that on some project that's been rather moribund? Security needs to be tightened up and git's the better way to go about managing a source tree.

    Vandalism like this should NEVER be tolerated at any level. It would be good to remove the entire vandalized tree and replace with a last known good version of the tree.

  4. #24
    Join Date
    Sep 2007
    Location
    Connecticut,USA
    Posts
    974

    Default

    Quote Originally Posted by crazycheese View Post
    At least you could post "Fck microsoft" instead.
    Just joking )
    Wish the prankster put "Steve Ballmer was here" instead into the commit so even more lulz would be had :^)

  5. #25
    Join Date
    Aug 2009
    Posts
    2,264

    Default

    Quote Originally Posted by Delgarde View Post
    No. Moral of the story, someone with root access on those servers thinks playing pranks is a good use of the trust people have given him. Harmless or not, this is a pretty bad look for FD.o...
    You know what concerns me? If somebody can delete an entire git tree without anyone knowing, then how can one detect a simple backdoor?

  6. #26
    Join Date
    Sep 2009
    Location
    Edinburgh, UK
    Posts
    53

    Default

    Quote Originally Posted by V!NCENT View Post
    You know what concerns me? If somebody can delete an entire git tree without anyone knowing, then how can one detect a simple backdoor?
    I doubt that this would be unnoticed unless the tree is unused. If the tree is used, then there are lots of its copies and git will complain if somebody tries to introduce some backdoor into the tree (git check SHA1 hashes of the commits).

  7. #27

  8. #28
    Join Date
    Mar 2009
    Posts
    86

    Default

    Quote Originally Posted by DeepDayze View Post
    Exactly, so what is there to gain by even pulling such really childish crap like that on some project that's been rather moribund? Security needs to be tightened up and git's the better way to go about managing a source tree.

    Vandalism like this should NEVER be tolerated at any level. It would be good to remove the entire vandalized tree and replace with a last known good version of the tree.
    The vandalism was one added commit on a new branch, so restoring the tree is as simple as deleting the branch. Git is pretty good about guaranteeing that nothing else was changed as long as the commit IDs for the other branches weren't changed. Somebody will obviously have to verify those against known good copies, though.

  9. #29
    Join Date
    Jan 2008
    Posts
    299

    Default

    Quote Originally Posted by V!NCENT View Post
    You know what concerns me? If somebody can delete an entire git tree without anyone knowing, then how can one detect a simple backdoor?
    Where the hell are you getting that a git tree was deleted?

  10. #30
    Join Date
    Apr 2010
    Posts
    1,946

    Default

    Quote Originally Posted by Michael View Post
    He is VERY lucky not being in some corporate entity. Sorry won't be enough - they'd claim $100 Bln compensation from him. Bad moral mood my *** (sorry).

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •