I'm new to this mailing list so a short intro: My name is Drew Streib,
and I work for VA Linux/SourceForge.net as, among other things, the
ftp.sourceforge.net mirrors and distribution guy.
On Mon, Mar 26, 2001 at 10:47:36AM -0600, Dave Dykstra wrote:
> I understand, but I don't think those considerations are as important as
> keeping rsync easy to maintain. If we can get security by utilizing a very
> popular, well understood, well peer-reviewed tool that's separate from
> rsync I don't think there's a good reason to clutter up the rsync code
> by pulling in pieces of the separate tool into rsync.
Agreed.
If you include ssh type things in rsync, you'll also be forced to keep
rsync up with every ssh security fix that comes up. Using the existing
ssh programs/libraries ensures that these can be maintaind separately.
I don't think an easy ssh install and '-e ssh' is too much to ask, especially
for an admin wanting to worry some about system security. (hopefully
everybody)
-drew
--
M. Drew Streib <[EMAIL PROTECTED]>, http://dtype.org
"Email sigs waste valuable bandwidth."
PGP signature
