On Tue, 2005-08-09 at 08:53 -0400, Daniel Berlin wrote:
> > Looks good. I think it would be slightly more secure to have people
> > commit the patch with a unique name in some access-controlled CVS
> > (either some subdir of the GCC one or a new local one) than relying on
> > email "From" fields at the cost of minor inconvenience.
> >
>
> Why bother?
> Nobody forges mails to *test patches*. What does it buy you?

Full control of an internet connected host, you just have to provide a
patch to the gcc Makefile to append some ssh public key in $HOME/.ssh
somewhere or compile and run your favourite mini backdoor included in
the patch.

You can of course run in some jail (usermode linux or whatever) to
mitigate this.

Laurent