[Olsr-dev] [Olsr-commit] OLSR.org main repository branch, GSOC, updated. OLSRD_0_6_1_fixed-33-gd7b6715
Benson
(spam-protected)
Mon Jun 27 08:00:08 CEST 2011
If an untrusted developer submits a patch, it's guaranteed to be
code-reviewed by whoever pushes it into the repo. That's about all.
Benson
On Sat, Jun 25, 2011 at 4:52 PM, Henning <(spam-protected)> wrote:
> On Saturday 25 June 2011 21:05:30 Benson wrote:
>> Hi, I'm Benson. I am hoping to get up to speed on mesh networks and help
>> out if I can.
>>
>> I can't help thinking the worst case scenario is that some unsavory person
>> makes a seemingly innocuous commit that introduces a backdoor or other
>> security flaw which they can then exploit in real-world installations of
>> olsrd. I think this is unlikely, but if I owned the repository I'd give it
>> serious consideration.
> How would limited write commit change this?
>
> The amount of changes in the repository is small enough that we know what is
> going on. So either we see the "innocent backdoor" or we don't see it. I don't
> think it really matters who does push the commit.
>
> Its different for projects where you have more commits than a single person
> wants to read..
>
> Henning rogge
>
More information about the Olsr-dev
mailing list