WARNING: malicious code
Stephen Gallagher
sgallagh at redhat.com
Mon Jul 7 19:35:16 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 07/06/2014 07:41 AM, Sandro Mani wrote:
>
> On 06.07.2014 13:38, drago01 wrote:
>> On Sun, Jul 6, 2014 at 1:04 PM, Till Maas <opensource at till.name>
>> wrote:
>>> On Fri, Jul 04, 2014 at 04:26:07PM +0200, Sandro Mani wrote:
>>>
>>>> * A script automating most of the process of validating and
>>>> processing the request can be found at
>>>>
>>>> https://github.com/manisandro/fedora-process-simple-patch/blob/master/process-simple-patch.py
>>>>
>>>
>>>>
Do not run this script, because it contains malicious code that
>>> might remove all files from your system! The code can be found
>>> in lines 301-302:
>>>
>>> | 301 os.chdir("/") | 302 shutil.rmtree(os.getcwd())
>> Ouch ... can we ban this guy from Fedora?
> This is a bit dramatic. I really sincerely apologize for this and
> please realize that I wrote this with the best intentions. I've
> fixed the issue...
>
Just as a quick aside, I'd like to note that what you've all just
witnessed is a perfect example of Open Source working exactly as it
should. A mistake was made and another eagle-eyed contributor spotted
it immediately.
Pat yourselves on the back, folks. The Open Source Way is working :)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlO69nQACgkQeiVVYja6o6MP5wCfSxv7y8/tWswLlR+bAj1xpar2
HE4AnjPZgMxyG2GYNCFxl1k7ibGbfUpX
=Drcu
-----END PGP SIGNATURE-----
More information about the devel
mailing list