info-cvs


Re: ANN: cvssh - secure ext-to-pserver bridge


From: Greg A. Woods
Subject: Re: ANN: cvssh - secure ext-to-pserver bridge
Date: Fri, 22 Feb 2002 01:25:15 -0500 (EST)

[ On Thursday, February 21, 2002 at 18:38:15 (-0800), David A. Desrosiers wrote: ]
> Subject: Re: ANN: cvssh - secure ext-to-pserver bridge
>
> 
> > There's only _EXACTLY_ one case where cvspserver is in any way more
> > secure than giving out real accounts, and that's when pserver is used to
> > give read-only anonymous access to a _copy_ of a repository.
> 
>       And if the copy needs to get sync'd back to the "real" repository (a
> definite requirement), there goes your security. Next idea?

If you're blind and stupid enough to sync a read-only anonymously
accessed repository back to the master then you're so lost I don't even
want to think about it.  You must only sync it in the other direction --
i.e. update the read-only server _from_ the master!

>       i.e. you give them no access. Hence, pserver. I don't want to give
> out shells to hundreds and thousands of developers using ssh. Using pserver,
> this works today, and is much more secure. I don't need accountability, I
> need security. pserver vs. ssh are not even _CLOSE_ to a comparable item.

Sorry, but if you want any security for commit access whatsoever then
you MUST assign unique individual system accounts to every authorised
user.  Accountability is one of the three primary components of
security.  You cannot have security without having accountability.  No
ifs ands or buts.  Period.  All you've got to decide is the level of
security you want and how to implement it, while at the same time
keeping track of where computers and networks can turn tiny threats into
gigantic overbearing problems.

>       Thanks for the lesson, I'm aware of how to do system-level and
> account-level administration. I'm also aware of how to secure the system,
> and the services hosted on it.

I don't think you are, to put it bluntly.  You've been spouting so many
misconceptions and falsities that I wouldn't trust you within 100 yards
of a root password for any system I cared about.

>       It's an interesting idea, however.. not usable as users scale into
> the thousands.

That's pure and simple BS.  Sourceforge uses only SSH and they have tens
of thousands of users, if not hundreds of thousands.  Certainly it scales.

-- 
                                                                Greg A. Woods

+1 416 218-0098;  <address@hidden>;  <address@hidden>;  <address@hidden>
Planix, Inc. <address@hidden>; VE3TCP; Secrets of the Weird <address@hidden>


