From: Jeffrey Walton
Reply-To: noloader@gmail.com
Date: Tue, 2 Apr 2024 18:50:57 -0400
Subject: Re: Sourceware mitigating and preventing the next xz-backdoor
To: Guinevere Larsen
Cc: Sandra Loosemore, Mark Wielaard, overseers@sourceware.org, gcc@gcc.gnu.org, binutils@sourceware.org, gdb@sourceware.org, libc-alpha@sourceware.org
In-Reply-To: <077b9dd5-0df1-4384-a9d1-58e4283caf09@redhat.com>
References: <20240329203909.GS9427@gnu.wildebeest.org> <20240401150617.GF19478@gnu.wildebeest.org> <077b9dd5-0df1-4384-a9d1-58e4283caf09@redhat.com>

On Tue, Apr 2, 2024 at 6:09 PM Guinevere Larsen via Gdb wrote:
> [...]
> What likely happened for the maintainer who acted in bad faith was that
> they entered the project with bad faith intent from the start - seeing
> as they were only involved with the project for 2 years, and there was
> much social pressure from fake email accounts for the single maintainer
> of XZ to accept help.

The infiltration appears to have started offline, earlier than June 2022. See .

> While we would obviously like to have more area maintainers and possibly
> global maintainers to help spread the load, I don't think any of the
> projects listed here are all that susceptible to the same type of social
> engineering. For one, getting the same type of blanket approval would be
> a much more involved process because we already have a reasonable amount
> of people with those privileges, no one is dealing with burnout and
> sassy customers saying we aren't doing enough.
>
> Beyond that, we (GDB) are already experimenting with approved-by, and I
> think glibc was doing the same. That guarantees at least a second set of
> eyes that analyzed and agreed with the patch, I don't think signed-off
> would add more than that tag (even if security was not the reason why we
> implemented them).

Jeff