On Thu, Jan 27, 2011 at 01:35:05AM +0530, Rahul Sundaram wrote:
> On 01/27/2011 01:12 AM, Paul W. Frields wrote:
> > On Wed, Jan 26, 2011 at 09:30:24AM -0700, Kevin Fenzi wrote:
> >>
> >> Disappointingly the slashdot story paraphrased another site that went
> >> with a sensationalized headline and
On 01/27/2011 01:12 AM, Paul W. Frields wrote:
> On Wed, Jan 26, 2011 at 09:30:24AM -0700, Kevin Fenzi wrote:
>>
>> Disappointingly the slashdot story paraphrased another site that went
>> with a sensationalized headline and was low on facts. They didn't even
>> point to the actual announcement for
On Wed, Jan 26, 2011 at 09:30:24AM -0700, Kevin Fenzi wrote:
> On Wed, 26 Jan 2011 15:25:40 +1300
> Al Reay wrote:
>
> > Looks like it's made the news
> >
> > http://news.slashdot.org/story/11/01/25/1723259/Fedora-Infrastructure-Compromised
>
> Disappointingly the slashdot story paraphrased ano
On Wed, 26 Jan 2011 15:25:40 +1300
Al Reay wrote:
> Looks like it's made the news
>
> http://news.slashdot.org/story/11/01/25/1723259/Fedora-Infrastructure-Compromised
Disappointingly the slashdot story paraphrased another site that went
with a sensationalized headline and was low on facts. The
Looks like it's made the news
http://news.slashdot.org/story/11/01/25/1723259/Fedora-Infrastructure-Compromised
Cheers
Al
On Wed, Jan 26, 2011 at 11:34 AM, Kevin Fenzi wrote:
> On Tue, 25 Jan 2011 17:10:20 -0500
> Ricky Zhou wrote:
>
> > > Additionally it would be nice to investigate whether
On Tue, 25 Jan 2011 17:10:20 -0500
Ricky Zhou wrote:
> > Additionally it would be nice to investigate whether the account was
> > used to access the test machine resources for package maintainers:
> > https://fedoraproject.org/wiki/Test_Machine_Resources_For_Package_Maintainers
> Good point. We
On 2011-01-25 10:50:48 PM, Till Maas wrote:
> Did he really not have write access to the Fedora wiki or the different
> trac instances (wiki, ticket system) on fedorahosted? I am not sure how
> it is handled, but he also might have had push access to the comps repo
> on fedorahosted.
Sorry, these a
On Tue, Jan 25, 2011 at 10:14:23AM +1000, Jared K. Smith wrote:
> The account in question was not a member of any sysadmin or Release
> Engineering
> groups. The following is a complete list of privileges on the account:
> * SSH to fedorapeople.org (user permissions are very limited on this
> m
Summary: Fedora infrastructure intrusion but no impact on product integrity
On January 22, 2011 a Fedora contributor received an email from the Fedora
Accounts System indicating that his account details had been changed. He
contacted the Fedora Infrastructure Team indicating that he had received