Reminders about login security on gnome.org

From: Owen Taylor <otaylor redhat com>
To: gnome-hackers gnome org
Cc: gnome-sysadmin gnome org
Subject: Reminders about login security on gnome.org
Date: Fri, 21 Nov 2003 15:38:25 -0500

With the recent debian.org incident, I wanted to send out some brief
reminders about security on gnome.org:

 - Always log in from a secure machine. That typically
   means from your own workstation or laptop. If that's
   not possible, then make sure you really, really 
   trust the person who administers the machine.

   Logging into gnome.org from public lab machines or
   internet terminals is *highly* 

   The same applies even more so to CVS access.

 - Use an ssh-key with a passphrase if at all possible.
   Don't use a ssh-key without a passphrase.
 
 - If you have a login or CVS account on gnome.org that 
   you are no longer using, and don't need, please mail
   acounts gnome org and ask for it to be removed.

 - If you, have, in the past:
   
    - Logged into gnome.org from a shared machine
    - Used the same password on gnome.org and on another
      system.

   Please change your password on gnome.org *right now*,
   or mail accounts gnome org and ask us to disable
   the account.

Thanks,
					Owen

Follow-Ups:
- Re: Reminders about login security on gnome.org
  - From: Gediminas Paulauskas

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]