[Ffmpeg-devel] SVN challenge response authentication weaknesses
Reimar Döffinger
Reimar.Doeffinger
Mon May 29 20:08:49 CEST 2006
Hi,
On Mon, May 29, 2006 at 12:43:35PM -0400, Rich Felker wrote:
> No, bad commits can quietly introduce backdoors in code that looks
> innocent. If the developer whose account is uses is away for a few
> days they might not even notice the change..
Yes, but that is something everyone of those having been granted access
can do too. Assuming that every single developer will absolutely surely
have no bad intentions seems as bad as assuming that SVN authentication
is unbreakable...
Anyway, my opinion is that we do not need perfect authentication. But
after all it is just that, an opinion :-)
Greetings,
Reimar D?ffinger
More information about the ffmpeg-devel
mailing list