[aur-general] Trusted User application: Levente Polyak

Levente Polyak anthraxx at archlinux.org
Thu Mar 19 17:05:39 UTC 2015

Hello everyone,

My name is Levente Polyak (also known as anthraxx) and I would like to
apply to become an Arch Linux TU. First at all I wanted to thank Felix
Yan for being my sponsor for this journey.

I was born in 1986 in Budapest (Hungary) and I'm currently working as a
software developer and security engineer / pentester in Hamburg
(Germany). I use GNU/Linux since something around 2001 and over the
years collected lot of experience with different distributions and
setups, going from SUSE over Debian and Ubuntu to Gentoo (and some
others just for testing or education purpose). I was never fully
satisfied with any of those, however with Gentoo I became acquainted
with the concept of rolling releases which since then I don't wanted to
ever miss. Finally around 2011 I gave Arch Linux a try and within a very
short period of time I got fully addicted to its simplicity, flexibility
and up-to-dateness. It was the first distribution were I started to feel
like being "home" without having anything that annoyed me.

I started maintaining packages in the AUR in 2013 and it didn't took
long until I noticed that I evolved a passion for doing that. Since then
I adopted and submitted several tools and libraries [0] that I find
useful and/or use myself.
When I find packaging issues or software bugs I contact upstream about
the problems and/or contribute to the code directly. To name some:
binwalk, lynis, shellnoob, xortool, selene, minitube...

Besides my packaging activities I am very active in the Arch CVE
Monitoring Team [1] since the first security advisory proposal of Remi
[2]. As part of the team I track all relevant CVEs [3] which affect our
official packages, push mitigation for important issues via bug reports
and publish Arch Linux security advisories (ASA) [4] to the
arch-security mailing list [5]. I'm also interested in developing for
the Arch Linux ecosystem and as I noticed that the wiki became quite
painful for tracking and handling the mitigation procedure, I started
building a security tracker. If my current plan sum up I will be able to
provide a preview of this soonish.

My packages reflect my emphasis related to security, but my general
interest in maintaining is not limited to that. However, I experienced
that in various security and forensics circles Arch Linux is often being
used and people are frequently crying why some of their daily tools are
not available in the official repositories.

If I became a TU, I would like to start with moving the following
packages maintained by me to [community]: lynis, pyrit, binwalk,
sslstrip, p0f, cowpatty, perl-term-extendedcolor, smali, volatility,
vit, hexer.

Additionally I would love to also move some packages maintained by other
users to [community] but currently its just an idea as I did not yet ask
them what they think about this step: radare2, capstone, zmap, zaproxy,
hydra, medusa, nikto, snort, foremost, xpdf, pngcrush, wavemon,
python-colorama (+ python2-colorama).

On top of this I also had a look at the currently orphaned packages in
[community] and I would like to adopt the following packages: ansible,
awesome, cclive, codeblocks, fail2ban, fish, ncmpcpp, id3v2.

As a small fadeout, besides all of the above, my favorite hobbies are
hanging around at the local CCC hackerspace in Hamburg, playing it-sec
CTFs, watching animes, geocaching and playing boardgames.

Kind regards,

[0] https://aur.archlinux.org/packages/?SeB=m&K=anthraxx
[1] https://wiki.archlinux.org/index.php/Arch_CVE_Monitoring_Team
[3] https://wiki.archlinux.org/index.php/CVE
[4] https://wiki.archlinux.org/index.php/Security_Advisorie
[5] https://lists.archlinux.org/listinfo/arch-security

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/aur-general/attachments/20150319/f141de1d/attachment.asc>

More information about the aur-general mailing list