From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 86D0EABA for ; Mon, 13 Jul 2015 08:32:32 +0000 (UTC)
Received: from mail.emea.novell.com (mail.emea.novell.com [130.57.118.101]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id CFD33A7 for ; Mon, 13 Jul 2015 08:32:31 +0000 (UTC)
Date: Mon, 13 Jul 2015 10:32:06 +0200 (CEST)
From: Jiri Kosina
To: James Bottomley
In-Reply-To: <1436599873.2243.10.camel@HansenPartnership.com>
References: <20150710143832.GU23515@io.lakedaemon.net> <20150710162328.GB12009@thunk.org> <1436599873.2243.10.camel@HansenPartnership.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Cc: Josh Boyer, ksummit-discuss@lists.linuxfoundation.org, Jason Cooper
Subject: Re: [Ksummit-discuss] [CORE TOPIC] dev/maintainer workflow security

On Sat, 11 Jul 2015, James Bottomley wrote:

> > - personal security (keep commit credentials secure from theft)
>
> This second one is a bit of a red herring: Assuming you did steal my
> credentials, how would you use them without being detected?

If the credentials can be used both to push to ra.kernel.org and to access
your "local" copy of the GIT repo (on your notebook / desktop / storage), I
can just push the malicious commit (*) to both repos and you might not
notice immediately (because you wouldn't get a non-fast-forward hint from
git).

(*) or just amend some already existing one so that you wouldn't notice an
extra commit when preparing the pull request

-- 
Jiri Kosina
SUSE Labs
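The scenario above rests on the fact that git's non-fast-forward hint is a convenience, not a security control: if both the remote and the local copy are rewritten consistently, nothing in the normal push/pull flow complains. The script below is an added example, not code from the thread or from kernel.org, of two checks a maintainer can run before preparing a pull request that do not depend on that hint: every commit about to be sent must carry a signature `git verify-commit` accepts (the signing key being held somewhere the stolen push credentials cannot reach), and the branch tip must equal a hash recorded out of band. The function names, the recorded-tip convention and the throwaway demo repository are this example's own assumptions.

```shell
#!/bin/sh
# Added example, not from the ksummit-discuss thread. Two pre-pull-request
# checks that catch a rewritten branch even when git prints no
# non-fast-forward hint. Function names and the demo repository are
# constructed for this example.

# Identity for the constructed demo repository, set here so every git call
# in this file sees it regardless of the caller's git configuration.
export GIT_AUTHOR_NAME=demo GIT_AUTHOR_EMAIL=demo@example.com
export GIT_COMMITTER_NAME=demo GIT_COMMITTER_EMAIL=demo@example.com

# Verify each commit in "$base..$tip" of repository "$repo" with
# `git verify-commit`. Returns 0 only if every commit verifies; otherwise
# names the first failing commit on stderr and returns 1. An unsigned commit
# (or one signed with a key not in the keyring) always fails here.
verify_range() {
  repo=$1; base=$2; tip=$3
  for c in $(git -C "$repo" rev-list "$base..$tip"); do
    if ! git -C "$repo" verify-commit "$c" >/dev/null 2>&1; then
      echo "commit $c has no valid signature" >&2
      return 1
    fi
  done
  return 0
}

# Compare the current tip of "$branch" in "$repo" with "$recorded", a hash
# the maintainer wrote down somewhere the attacker cannot update (assumed:
# e.g. a file on a separate device). Returns 0 on match, 1 on mismatch and
# 2 if the branch cannot be resolved at all.
check_recorded_tip() {
  repo=$1; branch=$2; recorded=$3
  current=$(git -C "$repo" rev-parse --verify "refs/heads/$branch" 2>/dev/null) || return 2
  [ "$current" = "$recorded" ]
}

# Build a constructed throwaway repository with two unsigned commits on
# branch "main" and print its path.
make_demo_repo() {
  dir=$(mktemp -d) || return 1
  git init -q "$dir" >/dev/null 2>&1 || return 1
  git -C "$dir" symbolic-ref HEAD refs/heads/main
  printf 'one\n' >"$dir/file"
  git -C "$dir" add file
  git -C "$dir" -c commit.gpgsign=false commit -q -m 'first' >/dev/null
  printf 'two\n' >>"$dir/file"
  git -C "$dir" add file
  git -C "$dir" -c commit.gpgsign=false commit -q -m 'second' >/dev/null
  printf '%s\n' "$dir"
}

# Walk through both checks on the demo repository and report the outcome.
demo() {
  d=$(make_demo_repo) || { echo "git not usable" >&2; return 1; }
  tip=$(git -C "$d" rev-parse --verify refs/heads/main)
  root=$(git -C "$d" rev-list --max-parents=0 refs/heads/main)
  if verify_range "$d" "$root" "$tip"; then
    echo "signature check: all commits verified"
  else
    echo "signature check: FAILED (expected for the unsigned demo commits)"
  fi
  if check_recorded_tip "$d" main "$tip"; then
    echo "recorded tip check: tip matches the recorded hash $tip"
  else
    echo "recorded tip check: FAILED, tip differs from recorded $tip"
  fi
}
```

Source the file and call `demo`, or call `verify_range <repo> <base> <tip>` and `check_recorded_tip <repo> <branch> <recorded-hash>` directly from a pre-pull-request hook. `git verify-commit` needs gpg and the signer's public key in the keyring; the recorded hash is only worth something if it is stored where the compromised credentials give no write access.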