From: Kees Cook <kees@kernel.org>
To: Theodore Ts'o <tytso@mit.edu>
Cc: Borislav Petkov <bp@alien8.de>,
Konstantin Ryabitsev <konstantin@linuxfoundation.org>,
Daniel Gomez <da.gomez@kernel.org>,
users@kernel.org, Luis Chamberlain <mcgrof@kernel.org>,
Chuck Lever <cel@kernel.org>,
kdevops@lists.linux.dev
Subject: Re: Forbidden requests for kernel.org/releases.json
Date: Tue, 14 Oct 2025 09:10:04 -0700 [thread overview]
Message-ID: <202510140909.2CB85EF52@keescook> (raw)
In-Reply-To: <20251013151955.GH354523@mit.edu>
On Mon, Oct 13, 2025 at 11:19:55AM -0400, Theodore Ts'o wrote:
> Konstantin,
>
> I wonder to the AI bot protection versus CI tools that need to
> periodicaly track git trees so we can do tests would be to set up a
> read-only gitolite account? This could be using the ra.kernel.org, or
> it could be a secondary server, since we only need read-only access.
>
> If each CI builder has their own ssh key, you'll be able to track if a
> particular account is being too abusive in terms of load on the git server.
Alternatively to SSH keys, would client-side TLS certs be lower
complexity to implement?
--
Kees Cook
next prev parent reply other threads:[~2025-10-14 16:10 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-10 8:05 Forbidden requests for kernel.org/releases.json Daniel Gomez
2025-04-10 10:30 ` Borislav Petkov
2025-04-10 12:09 ` Daniel Gomez
2025-04-11 20:54 ` Konstantin Ryabitsev
2025-04-15 9:01 ` Borislav Petkov
2025-10-13 13:15 ` Borislav Petkov
2025-10-13 15:19 ` Theodore Ts'o
2025-10-14 16:10 ` Kees Cook [this message]
2025-04-10 12:45 ` Konstantin Ryabitsev
2025-04-11 14:18 ` Theodore Ts'o
2025-04-11 15:25 ` Konstantin Ryabitsev
2025-04-11 16:48 ` James Bottomley
2025-04-11 16:59 ` Laurent Pinchart
2025-04-11 17:00 ` Konstantin Ryabitsev
2025-04-11 17:13 ` James Bottomley
2025-04-11 20:38 ` Konstantin Ryabitsev
2025-04-12 2:19 ` Theodore Ts'o
2025-04-11 20:56 ` Luis Chamberlain
2025-04-11 21:04 ` Konstantin Ryabitsev
2025-04-11 23:37 ` Luis Chamberlain
2025-04-11 20:08 ` Jonathan Corbet
2025-04-11 17:09 ` Theodore Ts'o
2025-04-11 18:23 ` Luck, Tony
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202510140909.2CB85EF52@keescook \
--to=kees@kernel.org \
--cc=bp@alien8.de \
--cc=cel@kernel.org \
--cc=da.gomez@kernel.org \
--cc=kdevops@lists.linux.dev \
--cc=konstantin@linuxfoundation.org \
--cc=mcgrof@kernel.org \
--cc=tytso@mit.edu \
--cc=users@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.