Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 31 Mar 2021 15:58:19 +0200
From:      Felix Palmen <felix@palmen-it.de>
To:        freebsd-ports@freebsd.org
Subject:   Re: Lessons from the PHP git repo "hack"
Message-ID:  <20210331135819.rzy3weyxunobnne6@nexus.home.palmen-it.de>
In-Reply-To: <6314D726-F55D-4374-AB63-B17B7B3E4D14@kreme.com>
References:  <6314D726-F55D-4374-AB63-B17B7B3E4D14@kreme.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

--qsu77szoqkthu66r
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

* @lbutlr <kremels@kreme.com> [20210331 07:47]:
> Which brings me to the reason for this post, as it seems that the
> ports collection of FreeBSD 13.x will be in the same position, running
> a private git server network and using GitHub as a mirror and I wonder
> if some lessons from php's experience with this should be considered
> for this setup before it's implemented.

Apart from the fact there's only one ports tree=E2=80=A6

I'd say the lesson is keep your systems updated and pay attention to
keep your credentials safe/secret. I don't see how Github would prevent
such an incident any better.

--=20
 Dipl.-Inform. Felix Palmen  <felix@palmen-it.de>   ,.//..........
 {web}  http://palmen-it.de  {jabber} [see email]   ,//palmen-it.de
 {pgp public key}     http://palmen-it.de/pub.txt   //   """""""""""
 {pgp fingerprint} A891 3D55 5F2E 3A74 3965 B997 3EF2 8B0A BC02 DA2A

--qsu77szoqkthu66r
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEzBAABCAAdFiEEqJE9VV8uOnQ5ZbmXPvKLCrwC2ioFAmBkf/QACgkQPvKLCrwC
2ipwrQgAsTtp5aqGKUOpY+dVevewQR3Kk16efBCm0znsUergdAu9kjLqgHE8iz33
PdyCNQHe89fEjTcW/R5CFgF3Uxn6tRsi0aOvHi0hqy37RfTBgnV0fM+yIBBQVIsb
YPduZTUHi2KzDfxLFVJbA9QdJOMwBpokKizvxHDA+pci/U4s89KBFBRIhzouf+mT
QZY232wA5HKeT4GTiu9aqkOLQTSY4iBGyLbMj7BDm7W8fvT6QTc1exZ99QRJMmYy
CjYxj4ts3nn+YeJhXHqdWB+tauiyEiZ0sFWLfcOld6HEHiYKVvMJK4GDOv1yPH3L
YvhHgUlg3SNCvRlCxjk3s2KpzfVR9A==
=msj+
-----END PGP SIGNATURE-----

--qsu77szoqkthu66r--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20210331135819.rzy3weyxunobnne6>