Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cross-project-issues-dev] Security changes to SSH and shells explained

On 09/28/2011 02:49 PM, Eric Gwin wrote:
What about Use-case 1a; The evil hacker who hypothetically stole David's private key operates out of the Bahamas,

Good points.

Clearly, our number one priority as a community must be preventing David Williams from vacationing in the Bahamas.  That must never happen.

Seriously, I'm trying to keep this simple.  I'm assuming that before confirming that the network you're using is trustworthy you've ensured that it indeed is (ie, there isn't a microwave dish pointed directly at you, no one placed a briefcase with a hole in it over your keyboard, etc.).

However, I'd be interested to know your thoughts on how we'd implement a "temporary trust"...  Perhaps, when replying to the email, you type a keyword in the email body that we parse and use?




On 09/28/2011 03:01 PM, David Carver wrote:
Eliminate the need for Shell access entirely, otherwise this is just a bandaid, and if somebody really wants to get into the servers, they'll find a way to do it.

Ultimately, eliminating the need for a shell is the goal.  Since many projects use shell-based builds, we can't just assume that torquing Hudson will solve all our problems today. 

Denis

Back to the top