Hi Tomasz,
As far as I understood things, Nico did not fix all the issues that were
reported to him. He fixed the XSS problems mentioned in his first
message, but not the exploits mentioned in his following messages, with
screenshots (which I couldn't understand how to make sense of, sorry to
say). Including an SQL injection. If you look back at the mail, you
will see.
Regarding ssh, I wrote you about the peculiarities when I added you to
the authorized_keys ... in short, you should be able to log in *as root*
to vcs, i.e., ssh -l r...@vcs.sv.gnu.org as yourself, and then from
there you can ssh r...@frontend.sv.gnu.org.
Also, I'll try to fix that git issue,
Please do.
Thanks,
Karl
