Y
Hacker News
new
|
ask
|
show
|
jobs
by
PleaseStand
4886 days ago
GitHub now [allows HTTPS pushes][1], so a man-in-the-middle attack on a single connection would be sufficient to push backdoors. In any case, can't the intermediary just add another SSH key to the account?
[1]:
https://help.github.com/articles/pushing-to-a-remote