Fedora Project investigates possible infrastructure compromise
Posted on 25 January 2011.
A security incident on Fedora infrastructure has been reported by Jared Smith, Fedora Project's leader, who confirmed that the account of one of its contributors has been compromised.

According to preliminary results of an investigation mounted by Fedora Project's Infrastructure Team, the compromise wasn't the result of an exploitation of a vulnerability.

Luckily for all, the compromised account doesn't belong to a member of any sysadmin or Release Engineering groups.

Upon being notified by the legitimate account user that something was off, the Infrastructure Team immediately proceeded to lock down the access to the account, take filesystem snapshots of all systems the account had access to, and audit SSH, FAS, Git, and Koji logs from the time of compromise to the present.

So far, they discovered that the attacker changed the account's SSH key in the Fedora Accounts System and logged in to fedorapeople.org. Fedora users are reassured that he or she did not push any changes to the Fedora SCM or access pkgs.fedoraproject.org in any way, generate a koji cert or perform any builds, or push any package updates.

"The Infrastructure Team believes that Fedora users are in no way threatened by this security breach and we have found no evidence that the compromise extended beyond this single account," wrote Smith, but they encourage anyone who might notice something is off to report it.






Spotlight

(IN)SECURE Magazine issue 45 released

(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Learn about personal data bankruptcy and the cost of privacy, security and compliance, delivering digital security to a mobile world, and much more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Tue, Mar 3rd
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //