On Wed, 10 Jul 2024, Roman Pronskiy wrote:

> 3. Deployment Process
> Recently, there was an incident with a code block pushed to the
> website accidentally: https://github.com/php/web-php/pull/1021. It was
> promptly reverted, but the case highlighted a potential security risk:

It wasn't an *accident* that I pushed it. Only people with commit access to php-web can push things, and that isn't a large list of people. It is the RMs: https://github.com/orgs/php/teams/release-managers and web-team: https://github.com/orgs/php/teams/web-team

Each has 13 members, but there are some overlaps.

The deploy scripts are all part of php-systems, which only the repository owners can commit to, and web-master, which only the above-mentioned web-team can commit to.

> unauthorized modifications could go unnoticed, potentially affecting
> all visitors of the php.net website worldwide. In theory, malicious
> code could be added to the server directly if access is compromised,
> with high chances of being unnoticed.

All commits to web-php and web-master are emailed to a mailing list: https://news-web.php.net/php.webmaster which I actively monitor.

We can probably improve on this, but this is all pretty tight, more so than committing random things to the PHP source repository.

cheers,
Derick