[ On Tuesday, January 20, 2004 at 15:13:08 (-0600), [EMAIL PROTECTED] wrote: ] > Subject: Re: what's to stop a developer from nuking the repository? > > The key here is accountability, I think.
Indeed it is! ;-) > pserver has effectively no > accountability, and telnet/rlogin have some (as far as I know). Well, in fact pserver _precludes_ any possiblity of accountability by its very design and implementation. > > If you have a trusted network and you do feel comfortable with telnet > > and rlogin then USE THEM -- DO NOT USE PSERVER. > > > The logic for using pserver over ssh would be that it's harder to set > ssh up right. Using pserver over SSH is about the biggest fallacy for "security" I can imagine for anything in this context. If you're going to use SSH, then JUST USE SSH for goodness sake!!!!! (same goes for any network tunneling mechanism -- and if the tunnel tools don't give you easy remoe job execution interafaces that can be used like RSH then just use RSH through the tunnel! (e.g. IPsec)) -- Greg A. Woods +1 416 218-0098 VE3TCP RoboHack <[EMAIL PROTECTED]> Planix, Inc. <[EMAIL PROTECTED]> Secrets of the Weird <[EMAIL PROTECTED]> _______________________________________________ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs