If somebody compromizes the Subversion (or CVS) repository, they can potentially do commits without them going to the commit list, and therefore introduce evil code. Hopefully this will be picked up, but Freenet is quite large. If you want a non-java task to increase freenet's security, I suggest a script that can cross-reference the CVS list emails with the actual log from SVN/CVS, and flags up any discrepancies. If such a thing already exists, I'd be very interested; if it does not, some perl hacker who can't be bothered to learn java could write it. -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so.
signature.asc
Description: Digital signature
_______________________________________________ chat mailing list chat@freenetproject.org Archived: http://news.gmane.org/gmane.network.freenet.general Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/chat Or mailto:[EMAIL PROTECTED]
