Looks like it's made the news http://news.slashdot.org/story/11/01/25/1723259/Fedora-Infrastructure-Compromised
Cheers Al On Wed, Jan 26, 2011 at 11:34 AM, Kevin Fenzi <ke...@scrye.com> wrote: > On Tue, 25 Jan 2011 17:10:20 -0500 > Ricky Zhou <ri...@fedoraproject.org> wrote: > > > > Additionally it would be nice to investigate whether the account was > > > used to access the test machine resources for package maintainers: > > > > https://fedoraproject.org/wiki/Test_Machine_Resources_For_Package_Maintainers > > Good point. We don't run those machines, and all packagers have sudo > > there , so Fedora packagers should consider it unsafe to forward their > > SSH agent or enter any sensitive information on those machines. We'll > > get in touch with Kevin about checking those machines though. > > I see no evidence of tampering on those machines. > > I checked the logs of the firewall in front of them (that logs all ssh > connections to them) against the lastlogs on each. There's no 'missing' > ssh connections or connections from this account. > > Thanks for asking. ;) > > kevin > > -- > devel mailing list > devel@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/devel >
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel