[ On Tuesday, January 20, 2004 at 15:13:08 (-0600), [EMAIL PROTECTED] wrote: ]
> Subject: Re: what's to stop a developer from nuking the repository?
>
> The key here is accountability, I think.
Indeed it is! ;-)
> pserver has effectively no
> accountability, and telnet/rlogin have some (as far as I know).
Well, in fact pserver _precludes_ any possiblity of accountability by
its very design and implementation.
> > If you have a trusted network and you do feel comfortable with telnet
> > and rlogin then USE THEM -- DO NOT USE PSERVER.
> >
> The logic for using pserver over ssh would be that it's harder to set
> ssh up right.
Using pserver over SSH is about the biggest fallacy for "security" I can
imagine for anything in this context.
If you're going to use SSH, then JUST USE SSH for goodness sake!!!!!
(same goes for any network tunneling mechanism -- and if the tunnel
tools don't give you easy remoe job execution interafaces that can be
used like RSH then just use RSH through the tunnel! (e.g. IPsec))
--
Greg A. Woods
+1 416 218-0098 VE3TCP RoboHack <[EMAIL PROTECTED]>
Planix, Inc. <[EMAIL PROTECTED]> Secrets of the Weird <[EMAIL PROTECTED]>
_______________________________________________
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs
