* teor wrote on 2017-08-07 at 08:39:
> > On 7 Aug 2017, at 07:20, Jens Kubieziel <maillist@xxxxxxxxxxxx> wrote:
> > https://trac.torproject.org/projects/tor/ticket/23120 and I set the
> > maximum amount to 17 (chosen arbitrarily). When an account is locked
> > an admin has to unlock it.
>
> Is it possible to lock out all the admins?

One can lock every account on trac. If an account is locked, a person
with SSH access has to log in to the trac machine and reset the account.
So every locked account can be reset.

> > So we lived with this risk in the last years and simply relied on the
> > fact that people choose a secure (aka hard-to-guess) password. So we
> > just could return to this state.
>
> Do we have a way of restoring from backups to the state before a
> TRAC_ADMIN compromise?

The trac machine is backed up and we could probably restore the data
(assuming that the compromise didn't happen like ten years ago, the
backup is OK etc.).

--
Jens Kubieziel                                  http://www.kubieziel.de
The theatre will always exist, because people are surrounded by celluloid
and test-tube colleagues - there the theatre is a haven of truthfulness.
Tobias Moretti
_______________________________________________
tor-project mailing list
tor-project@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project