|
| From: | Geoff Beier |
| Subject: | Re: what's to stop a developer from nuking the repository? |
| Date: | Tue, 20 Jan 2004 09:25:37 -0500 |
| User-agent: | Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6b) Gecko/20031205 Thunderbird/0.4 |
Andy Jones wrote:
Tirsdag den 20. januar 2004 09:33 skrev Greg A. Woods:[ On Monday, January 19, 2004 at 15:43:35 (-0800), Mark wrote: ]Subject: Re: what's to stop a developer from nuking the repository? have unix command line users use :pserver:That's really Really REALLY _B_A_D_ advice!!!! There is absolutely _NO_ accountabilty or any other form of security in pserver. DO NOT _EVER_ USE PSERVER FOR NON-ANONYMOUS ACCESS!!!!
<snip>
Please forgive me if I am mistaken, and in any case I certainly don't want> to start a flame war, but am I right in thinking that Greg's opinion does not
> reflect the majority view?
I refuse to make any claims vis-a-vis a majority view, but I would say that his statement reflects a common opinion among folks who are concerned with security. pserver is unsuitable for anything other than anonymous, read-only access. Really. If you are using it for anything else, you are trusting your users to "just be nice", in effect.
Regards, Geoff
| [Prev in Thread] | Current Thread | [Next in Thread] |