[Ffmpeg-devel] SVN challenge response authentication weaknesses

Reimar Döffinger Reimar.Doeffinger
Mon May 29 20:08:49 CEST 2006

On Mon, May 29, 2006 at 12:43:35PM -0400, Rich Felker wrote:
> No, bad commits can quietly introduce backdoors in code that looks
> innocent. If the developer whose account is uses is away for a few
> days they might not even notice the change..

Yes, but that is something everyone of those having been granted access
can do too. Assuming that every single developer will absolutely surely
have no bad intentions seems as bad as assuming that SVN authentication
is unbreakable...
Anyway, my opinion is that we do not need perfect authentication. But
after all it is just that, an opinion :-)

Reimar D?ffinger

More information about the ffmpeg-devel mailing list