-Original Message-
> > From: Daniel Shahaf [mailto:danie...@apache.org]
> > Sent: Monday, April 29, 2013 15:58
> > To: Dennis E. Hamilton
> > Cc: dev@openoffice.apache.org; pesce...@apache.org
> > Subject: Re: Proposal: Improve security by limiting committer access
.@apache.org]
> Sent: Monday, April 29, 2013 15:58
> To: Dennis E. Hamilton
> Cc: dev@openoffice.apache.org; pesce...@apache.org
> Subject: Re: Proposal: Improve security by limiting committer access in SVN
> -- KEYS Compromise Exposure
>
> Dennis E. Hamilton wrote on Mon,
sage-
> From: Daniel Shahaf [mailto:danie...@apache.org]
> Sent: Monday, April 29, 2013 15:58
> To: Dennis E. Hamilton
> Cc: dev@openoffice.apache.org; pesce...@apache.org
> Subject: Re: Proposal: Improve security by limiting committer access in SVN
> -- KEYS Compromise Exposu
ssage-
From: Daniel Shahaf [mailto:danie...@apache.org]
Sent: Monday, April 29, 2013 15:58
To: Dennis E. Hamilton
Cc: dev@openoffice.apache.org; pesce...@apache.org
Subject: Re: Proposal: Improve security by limiting committer access in SVN --
KEYS Compromise Exposure
Dennis E. Hamilton wrote
Dennis E. Hamilton wrote on Mon, Apr 29, 2013 at 10:31:14 -0700:
> 5. This is sufficient to poison a download mirror site with
> a counterfeit download so long as the ASC, SHA1, and MD5 locations
> can also be spoofed without the user noticing.
Right. The normal answer here is "They will hav
: Andrea Pescetti [mailto:pesce...@apache.org]
Sent: Thursday, April 04, 2013 10:44
To: dev@openoffice.apache.org
Subject: Re: Proposal: Improve security by limiting committer access in SVN
Rob Weir wrote:
> On Thu, Apr 4, 2013 at 11:57 AM, Andrea Pescetti wrote:
>> 2) The only possible solut
itters-by-project.html#openoffice>.
- Dennis
-Original Message-
From: Andrea Pescetti [mailto:pesce...@apache.org]
Sent: Saturday, April 06, 2013 09:47
To: dev@openoffice.apache.org
Cc: Joe Schaefer
Subject: Re: Proposal: Improve security by limiting committer access in SVN
[ ... ]
Comm
Rob Weir wrote:
On Thu, Apr 4, 2013 at 3:59 PM, Joe Schaefer wrote:
Ah NO. Those so-called "phantom" committers
had their commit to this project revoked when you graduated
http://people.apache.org/committers-by-project.html#openoffice
Maybe you are thinking of openoffice-pmc? I know the PPMC
On Wed, Apr 3, 2013 at 5:39 AM, Rob Weir wrote:
> We're starting to take a deeper look at what is required to integrate code
> signing into the OpenOffice build and release process. As you probably know
> operating systems, especially Windows and MacOS, are now checking for
> digital signatures a
which serve to divide the community. Such divisions are rarely
>>> needed.
>>>>>>
>>>>>> As Andrea points out, in Subversion's 13 year history, we have only
>>>>>> *requested* people observe certain fences. We have never had a
>>
committer re-appears after not doing anything for
2 years and has an urgent need to check in code. But if it does happen we
have ways of making it work. But it should be extremely rare.
-Rob
> - Dennis
>
> -Original Message-----
> From: Rob Weir [mailto:robw...@apache.org]
e: Proposal: Improve security by limiting committer access in SVN
[ ... ]
But with OpenOffice, there was a two week period of time when we rapidly
bootstrapped the community by making people committers automatically, on
day 1. All they had to do is put their name on a wiki page and return an
ICLA and
pe we
all appreciate that this difference exists.
Regards,
-Rob
>
>
>
>
>
> >
> > From: Rob Weir
> >To: "dev@openoffice.apache.org"
> >Sent: Thursday, April 4, 2013 3:53 PM
> >Subject: Re: Proposal: Improve securi
in wrote:
>> > > > > > Speaking as one of those "old-hands", Dennis is absolutely
>> spot-on.
>> > > > > >
>> > > > > > Partitions, barriers, sub-groups... I call those "divisive"
>> > > mechanisms
>> > > &
t; > > > *requested* people observe certain fences. We have never had a
> > > > > > problem. We have never had to take sanctions. A stray commit here
> > and
> > > > > > there? Sure, it has happened, with the best intent, so we just
> > point
vement.
>
> -Original Message-
> From: Rob Weir [mailto:robw...@apache.org]
> Sent: Thursday, April 04, 2013 12:03
> To: dev@openoffice.apache.org
> Subject: Re: Proposal: Improve security by limiting committer access in SVN
>
> On Thu, Apr 4, 2013 at 2:57 PM, Greg Stein wrote:
That will be its only achievement.
-Original Message-
From: Rob Weir [mailto:robw...@apache.org]
Sent: Thursday, April 04, 2013 12:03
To: dev@openoffice.apache.org
Subject: Re: Proposal: Improve security by limiting committer access in SVN
On Thu, Apr 4, 2013 at 2:57 PM, Greg Stein wrot
> point
> > > > > out that they need a bit more caution. No harm done.
> > > > >
> > > > > Back to Dennis' point: the solution here is proper review of the
> > > > > commits that occur. (IMO) NOT a way to *exclude* or to *limit* the
>
> On Thu, Apr 04, 2013 at 09:23:39AM -0700, Dennis E. Hamilton wrote:
> > > > > In previous generations of this kind of discussion, the ASF
> old-hands
> > > will point out that the social process works quite well, folks don't do
> > > commits unless
oint out that the social process works quite well, folks don't do
> >> commits unless they feel qualified to do so, and it is often the case that
> >> committers will request RTC (i.e., submit patches rather than update the
> >> SVN) in contributing where they are not experienced or don'
mmitters will request RTC (i.e., submit patches rather than update the
> > SVN) in contributing where they are not experienced or don't consider
> > themselves expert.
> > > >
> > > > At the ASF this appears to be one of those, "if it is not broken,
>
ften the case that
>> committers will request RTC (i.e., submit patches rather than update the
>> SVN) in contributing where they are not experienced or don't consider
>> themselves expert.
>> > >
>> > > At the ASF this appears to be one of those, "
that authz is
> for related material on the SVN). There is no confidentiality to protect
> in the public code base. That's the point.
>
> -----Original Message-
> From: Rob Weir [mailto:robw...@apache.org]
> Sent: Thursday, April 04, 2013 09:44
> To: dev@openoffice.apache.org
't fix it."
> > >
> > > There is still the concern about stolen credentials used to perform
> undetected malicious acts. If the oversight that the project naturally
> brings to bear on visible changes to the code base is insufficient, I think
> the problem is gr
Thursday, April 04, 2013 09:44
To: dev@openoffice.apache.org
Subject: Re: Proposal: Improve security by limiting committer access in SVN
On Thu, Apr 4, 2013 at 11:57 AM, Andrea Pescetti wrote:
> Dave Fisher wrote:
>
>> Let's focus only on adding one new authz list for the c
gs to bear on visible changes to the code base is insufficient, I think
> > the problem is greater than there being a possible exploit of that
> > inattention. Mechanical solutions may be part of the disease, not the cure
> > [;<).
> >
> > - Dennis
> >
riginal Message-
> From: Andrea Pescetti [mailto:pesce...@apache.org]
> Sent: Thursday, April 04, 2013 08:57
> To: dev@openoffice.apache.org
> Subject: Re: Proposal: Improve security by limiting committer access in SVN
>
> Dave Fisher wrote:
> > Let's focus on
On 4 April 2013 19:44, Andrea Pescetti wrote:
> Rob Weir wrote:
>
>> On Thu, Apr 4, 2013 at 11:57 AM, Andrea Pescetti wrote:
>>
>>> 2) The only possible solution would be an authz rule like suggested by
>>> Dave here; however, Infra quite discourages it, mainly for maintenance
>>> reasons. This l
Rob Weir wrote:
On Thu, Apr 4, 2013 at 11:57 AM, Andrea Pescetti wrote:
2) The only possible solution would be an authz rule like suggested by
Dave here; however, Infra quite discourages it, mainly for maintenance
reasons. This leads me to think we would need some good justifications for
impleme
On Thu, Apr 4, 2013 at 11:57 AM, Andrea Pescetti wrote:
> Dave Fisher wrote:
>
>> Let's focus only on adding one new authz list for the code tree.
>> Call it openoffice-coders and populate it with those who HAVE any
>> commit activity in the current code tree.
>>
>
> I checked feasibility with Inf
le policy.
-Rob
>
> - Dennis
>
> -Original Message-
> From: Andrea Pescetti [mailto:pesce...@apache.org]
> Sent: Thursday, April 04, 2013 08:57
> To: dev@openoffice.apache.org
> Subject: Re: Proposal: Improve security by limiting committer access in SVN
>
> Dave
e-
From: Andrea Pescetti [mailto:pesce...@apache.org]
Sent: Thursday, April 04, 2013 08:57
To: dev@openoffice.apache.org
Subject: Re: Proposal: Improve security by limiting committer access in SVN
Dave Fisher wrote:
> Let's focus only on adding one new authz list for the code tree.
>
Dave Fisher wrote:
Let's focus only on adding one new authz list for the code tree.
Call it openoffice-coders and populate it with those who HAVE any
commit activity in the current code tree.
I checked feasibility with Infra. Summary:
1) LDAP is not the solution. Rule it out.
2) The only poss
On Wed, Apr 3, 2013 at 11:30 PM, Louis Suárez-Potts wrote:
> Thanks, Rob, et al.,
>
> On 13-04-03, at 22:22, Peter Junge wrote:
>
>
> One way of implementing this would be to look at all commits for the
> >>> past 6
> months (or 1 year?) and remove authorization on /trunk, /tag an
Thanks, Rob, et al.,
On 13-04-03, at 22:22, Peter Junge wrote:
One way of implementing this would be to look at all commits for the
>>> past 6
months (or 1 year?) and remove authorization on /trunk, /tag and
>>> /branches
for those who have not made commits. But preserve a
On 4/3/2013 9:05 PM, Rob Weir wrote:
On Wed, Apr 3, 2013 at 8:57 AM, Alexandro Colorado wrote:
I think restricting this would be a horrible idea, since we still have
a shortage of developers. Limiting it by permissions and creating a
red tape would be even more problematic. I think the key her
On Wed, Apr 3, 2013 at 4:58 PM, janI wrote:
> On 3 April 2013 22:30, Rob Weir wrote:
>
> > On Wed, Apr 3, 2013 at 1:45 PM, Andrea Pescetti
> > wrote:
> >
> > > Jürgen Schmidt wrote: [...]
> > >
> > >> On 3 April 2013 14:39, Rob Weir wrote:
> >
> > > one change to our current process t
I'm going to top-post. I agree that this is a good idea, but I want to define
it expansively as a positive.
(1) The current authz that defines all of the AOO committers must be preserved.
This is used to generate foundation information like:
http://people.apache.org/committers-by-project.html#o
On 04/03/2013 10:58 PM, janI wrote:
On 3 April 2013 22:30, Rob Weir wrote:
On Wed, Apr 3, 2013 at 1:45 PM, Andrea Pescetti
wrote:
Jürgen Schmidt wrote: [...]
On 3 April 2013 14:39, Rob Weir wrote:
one change to our current process that will, I think, greatly
increase
security. T
On 03/04/2013 15:13, Rob Weir wrote:
3) We have those who are voted in as committers and might access other, non
SVN systems. They use their Apache ID's to write blog posts, access Pootle
directly, or maybe even just the SMTP servers. But they never touch SVN at
all.
I'm one of these commi
thz surface of the individual project code base.
> Fortunately, that will not disturb the bugzilla or authorization to edit
> on Planet Apache, afaik.
>
> - Dennis
>
> -----Original Message-----
> From: Rob Weir [mailto:robw...@apache.org]
> Sent: Wednesday, April 03, 20
ugzilla or authorization to edit on
Planet Apache, afaik.
- Dennis
-Original Message-
From: Rob Weir [mailto:robw...@apache.org]
Sent: Wednesday, April 03, 2013 13:17
To: dev@openoffice.apache.org;
Subject: Re: Proposal: Improve security by limiting committer access in SVN
[ ... ]
It
On 3 April 2013 22:30, Rob Weir wrote:
> On Wed, Apr 3, 2013 at 1:45 PM, Andrea Pescetti
> wrote:
>
> > Jürgen Schmidt wrote: [...]
> >
> >> On 3 April 2013 14:39, Rob Weir wrote:
>
> > one change to our current process that will, I think, greatly
> increase
> >
> > security.
On Wed, Apr 3, 2013 at 1:45 PM, Andrea Pescetti wrote:
> Jürgen Schmidt wrote: [...]
>
>> On 3 April 2013 14:39, Rob Weir wrote:
> one change to our current process that will, I think, greatly increase
>
> security. This would be to restrict SVN authorization for the code
>
in common use today.
It is only prudent that a committer not have that authorization unless they
are using it.
-Rob
> - Dennis
>
> -Original Message-
> From: Andrea Pescetti [mailto:pesce...@apache.org]
> Sent: Wednesday, April 03, 2013 10:46
> To: dev@openoffice.apac
ce.apache.org
Subject: Re: Proposal: Improve security by limiting committer access in SVN
Jürgen Schmidt wrote: [...]
>>> On 3 April 2013 14:39, Rob Weir wrote:
>>>> one change to our current process that will, I think, greatly increase
>>>> security. This would be to r
Jürgen Schmidt wrote: [...]
On 3 April 2013 14:39, Rob Weir wrote:
one change to our current process that will, I think, greatly increase
security. This would be to restrict SVN authorization for the code
I don't think this would greatly increase security, since the current
review model wou
On 03/04/2013 16:13, Rob Weir wrote:
> On Wed, Apr 3, 2013 at 9:06 AM, janI wrote:
>
>> On 3 April 2013 14:39, Rob Weir wrote:
>>
>>> We're starting to take a deeper look at what is required to integrate
>> code
>>> signing into the OpenOffice build and release process. As you probably
>> know
>>
janI wrote:
> But we have to be very careful not to make it even harder to become/be
> committer, compare us a bit with LO, there I can have commit access
> within less than a day.
>
Hi Jan,
just to get this straight - we try hard to have your patch committed /
initial feedback provided in a day. Gett
On 4/3/13, Rob Weir wrote:
> On Wed, Apr 3, 2013 at 8:57 AM, Alexandro Colorado wrote:
>
>> I think restricting this would be a horrible idea, since we still have
>> a shortage of developers. Limiting it by permissions and creating a
>> red tape would be even more problematic. I think the key her
On 4/3/13 3:13 PM, Rob Weir wrote:
> On Wed, Apr 3, 2013 at 9:06 AM, janI wrote:
>
>> On 3 April 2013 14:39, Rob Weir wrote:
>>
>>> We're starting to take a deeper look at what is required to integrate
>> code
>>> signing into the OpenOffice build and release process. As you probably
>> know
>>>
On Wed, Apr 3, 2013 at 9:06 AM, janI wrote:
> On 3 April 2013 14:39, Rob Weir wrote:
>
> > We're starting to take a deeper look at what is required to integrate
> code
> > signing into the OpenOffice build and release process. As you probably
> know
> > operating systems, especially Windows and
On 3 April 2013 14:39, Rob Weir wrote:
> We're starting to take a deeper look at what is required to integrate code
> signing into the OpenOffice build and release process. As you probably know
> operating systems, especially Windows and MacOS, are now checking for
> digital signatures and by def
On Wed, Apr 3, 2013 at 8:57 AM, Alexandro Colorado wrote:
> I think restricting this would be a horrible idea, since we still have
> a shortage of developers. Limiting it by permissions and creating a
> red tape would be even more problematic. I think the key here is about
> the approved releases.
I think restricting this would be a horrible idea, since we still have
a shortage of developers. Limiting it by permissions and creating a
red tape would be even more problematic. I think the key here is about
the approved releases. I don't really use windows, so I am not very
familiar with the topi
We're starting to take a deeper look at what is required to integrate code
signing into the OpenOffice build and release process. As you probably know
operating systems, especially Windows and MacOS, are now checking for
digital signatures and by default prevent users from installing programs
that