info-cvs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: what's to stop a developer from nuking the repository?

From: Greg A. Woods
Subject: Re: what's to stop a developer from nuking the repository?
Date: Wed, 21 Jan 2004 01:58:14 -0500 (EST) 
[ On Tuesday, January 20, 2004 at 15:13:08 (-0600), address@hidden wrote: ]
> Subject: Re: what's to stop a developer from nuking the repository?
>
> The key here is accountability, I think.

Indeed it is!  ;-)

>  pserver has effectively no
> accountability, and telnet/rlogin have some (as far as I know).

Well, in fact pserver _precludes_ any possiblity of accountability by
its very design and implementation.

> > If you have a trusted network and you do feel comfortable with telnet
> > and rlogin then USE THEM -- DO NOT USE PSERVER.
> >
> The logic for using pserver over ssh would be that it's harder to set
> ssh up right.

Using pserver over SSH is about the biggest fallacy for "security" I can
imagine for anything in this context.

If you're going to use SSH, then JUST USE SSH for goodness sake!!!!!

(same goes for any network tunneling mechanism -- and if the tunnel
tools don't give you easy remoe job execution interafaces that can be
used like RSH then just use RSH through the tunnel!  (e.g. IPsec))

-- 
                                                Greg A. Woods

+1 416 218-0098                  VE3TCP            RoboHack <address@hidden>
Planix, Inc. <address@hidden>          Secrets of the Weird <address@hidden>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]