From: storm@cua.dk (Kim F. Storm)
Newsgroups: gmane.emacs.devel
Subject: Re: What shall we do to verify the CVS diffs for emacs?
Date: 17 Jan 2004 02:55:48 +0100
To: Miles Bader
Cc: emacs-devel@gnu.org, Richard Stallman, Hoey@aic.nrl.navy.mil
References: <200401132134.i0DLYPO2006888@sun1.aic.nrl.navy.mil> <20040116230449.GC13013@fencepost>
In-Reply-To: <20040116230449.GC13013@fencepost>

Miles Bader writes:

> On Fri, Jan 16, 2004 at 02:54:20PM -0500, Richard Stallman wrote:
> > Then send me a list of the files you want to verify (C code or Lisp),
> > or just request a list of files to check (and I'll choose some files
> > for you).
> >
> > My idea was that we would ask the various contributors to check the
> > changes they installed. It doesn't have to be done that way; we
> > can try it this way too.
>
> I don't know whether it's useful, but I've been tracking the emacs CVS
> sources with my arch branch since before the break-in.
>
> Naturally, any bogus checkins to CVS would have been mirrored in the arch
> branch as well, but perhaps it might serve as a check against retro-active
> modification of the CVS files on savannah.

Any checks you can make to improve confidence would be good, but if
bogus checkins are mirrored too, I don't really see how it can help us.

But a raw compare of the tip of CVS and arch would be interesting.

>
> The intruder could have _also_ modified the arch archive to match[*] -- they
> are now gpg-signed, but unfortunately were not at the time of the incident --
> but that seems a fair bit less likely. In addition, the archive has been
> mirrored on a non-GNU host since 1-sept (and arch mirrors are essentially
> append-only); however there's still a (small) avenue for compromise, even
> with the mirror, as I have an ssh key for it stored on fencepost.
>
> [*] stored on fencepost, in my home dir

I don't recall, so is the arch archive just a mirror of CVS, or is it
two ways (i.e. will changes to arch propagate back to CVS)?

If the latter is the case, who has access to your arch archive, and
how do you control that access?

--
Kim F. Storm http://www.cua.dk