On Wed, Mar 31, 2021 at 3:14 PM @lbutlr wrote:
>
> On 31 Mar 2021, at 12:02, Jose Quinteiro wrote:
> > I've found passwords checked into public Github repos more than once. I
> > don't equate Github with security.
>
> Have you also found the code necessary to replicate a 2FA token checked in to
On 31 Mar 2021, at 12:02, Jose Quinteiro wrote:
> I've found passwords checked into public Github repos more than once. I
> don't equate Github with security.
Have you also found the code necessary to replicate a 2FA token checked in to a
GitHub repo?
--
I WILL NOT DO THE DIRTY BIRD Bart chalk
On 3/31/21 7:03 AM, @lbutlr wrote:
>
> That is making an assumption that the people running the php git server were
> incompetent, which is not something I am willing to do at this point.
>
Isn't it too early to learn any lessons, then?
I've found passwords checked into public Github repos more
* @lbutlr [20210331 08:03]:
> On 31 Mar 2021, at 07:58, Felix Palmen wrote:
> > I'd say the lesson is keep your systems updated and pay attention to
> > keep your credentials safe/secret. I don't see how Github would
> > prevent such an incident any better.
>
> That is making an assumption that
* @lbutlr [20210331 08:03]:
> > Apart from the fact there's only one ports treeā¦
>
> How does that make any difference? If someone gains access to the repo
> and makes changes everyone gets this changes.
Difference is that it has nothing to do with FreeBSD 13.
> > I'd say the lesson is keep you
On 31 Mar 2021, at 07:58, Felix Palmen wrote:
> * @lbutlr [20210331 07:47]:
>> Which brings me to the reason for this post, as it seems that the
>> ports collection of FreeBSD 13.x will be in the same position, running
>> a private git server network and using GitHub as a mirror and I wonder
>> i
* @lbutlr [20210331 07:47]:
> Which brings me to the reason for this post, as it seems that the
> ports collection of FreeBSD 13.x will be in the same position, running
> a private git server network and using GitHub as a mirror and I wonder
> if some lessons from php's experience with this should
