Lessons from the PHP git repo "hack"
Felix Palmen
felix at palmen-it.de
Wed Mar 31 13:58:29 UTC 2021
* @lbutlr <kremels at kreme.com> [20210331 07:47]:
> Which brings me to the reason for this post, as it seems that the
> ports collection of FreeBSD 13.x will be in the same position, running
> a private git server network and using GitHub as a mirror and I wonder
> if some lessons from php's experience with this should be considered
> for this setup before it's implemented.
Apart from the fact there's only one ports tree…
I'd say the lesson is keep your systems updated and pay attention to
keep your credentials safe/secret. I don't see how Github would prevent
such an incident any better.
--
Dipl.-Inform. Felix Palmen <felix at palmen-it.de> ,.//..........
{web} http://palmen-it.de {jabber} [see email] ,//palmen-it.de
{pgp public key} http://palmen-it.de/pub.txt // """""""""""
{pgp fingerprint} A891 3D55 5F2E 3A74 3965 B997 3EF2 8B0A BC02 DA2A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20210331/12584831/attachment.sig>
More information about the freebsd-ports
mailing list