[FFmpeg-devel] root access voting

RaDSL admin at radsl.net
Sat Nov 2 14:02:34 EET 2024


On 11/2/2024 4:34 AM, Michael Niedermayer wrote:
> Hi
>
> At the current VideoLAN developer days there were several surprise votes on FFmpeg's
> infrastructure. And to the best of my knowledge no remote participation
> and no recording.
>
> So let me try to reply to the idea of the general assembly choosing who has
> root access.
>
> We have seen a rise of increasingly sophisticated attacks in recent times.
> For example the xz backdoor, where the maintainer was pressured by many people
> to add Jia Tan as maintainer, who then eventually added a sophisticated hidden
> backdoor, compromising xz and ssh. (Which almost was not even detected.)
>
> We have seen batteries being exchanged for explosives by the Mossad, injuring
> members of a terrorist organization and probably a few innocent people.
> You may agree with fighting terror, but do you agree with explosives,
> maybe in the phone someone in your family bought on eBay?
>
> Just yesterday, lottie-player was replaced by a compromised version.
> Stealing peoples money.
>
> Our GA is built from everyone who has
> "authored more than 20 patches in the last 36 months in the main FFmpeg repository"
>
> This is a very low bar for an attacker. Even if we did KYC (which I think
> we should not), hiring 50 people to each write 20 patches is very doable even
> for a small company, or heck, even a single individual could do this.
> Let alone a state actor.
>
> What this means, and I think this is obvious to everyone,
> is that the GA cannot control critical infrastructure access or things
> that allow attacks by state actors.
> That's besides the fact that the root admins should generally be professional admins and not
> "popular politicians", which is ultimately what a popular vote produces.
> Also the root team has to get along with each other and trust each other,
> obviously.
> And last, where is that professional admin who wants to do work and who has
> no root access?
> I have, to the best of my knowledge, given every professional admin we have
> on the FFmpeg team who needed root access, root access.
> Yes, I would not give root access to people who are involved in every second flamewar
> or who I totally do not get along with.
> Or if the request comes in a strange context, ...
> But does the GA want to override that?
> You think that would improve things?
>
> Please let's not turn root access into a Harris vs Trump style democracy.
>
> If there's a professional, trusted admin and there is work that needs to be done
> and (s)he has the time, ability and will to do that work, nothing strange,
> and no one says they don't get along with him/her,
> I have and will give them root access.
> If that's not the case,
> I don't think people would want me to give them root access.
>
> thx
>

Maybe training an A.I. that monitors and analyzes each new patch could be
useful...
