[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Savannah-hackers] Re: Plan for today

From: Vincent Caron
Subject: [Savannah-hackers] Re: Plan for today
Date: Thu, 18 Dec 2003 18:28:41 +0100
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6b) Gecko/20031205 Thunderbird/0.4

Mathieu Roy wrote:

  In theory, a malicious hacker could change the RCS file in place
without you noticing on cvs updates. Although that's very tricky and
there are plenty of other places with easier and more insteresting
backdoors to install.

How so? Each time I make a cvs update, the RCS file on the server is
compared with my file. And if I do not have the exact same file, I'll
get a U, or even a C if edited the file.

  I think I've been too suspicious on this item, forget it.

Apart from that I do not clearly understand your proposal. No change
that have been made to the server should impact the frontend part (how

  That's true, we should have the frontend easily and quickly working.

For the backend, I guess that the change you'll have to made will not
be polished and portable enough to be commited in the savannah CVS in
a near future. So you can create a CVS for hacked backend, unlinked to
the savannah project itself, if you feel it necessary.

That's what I meant, there's an emergency for subversions, and I think you would prefer to defer discussions and maybe implementation issues about this chroot thing on the official Savannah tree later.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]