Re: Git cvsserver serious issue
From | Magnus Hagander |
---|---|
Subject | Re: Git cvsserver serious issue |
Date | |
Msg-id | AANLkTik5DYN4i2yOR4udMM5WLo7NDxXiyv_3d=VwugbQ@mail.gmail.com |
In reply to | Re: Git cvsserver serious issue (Andrew Dunstan <andrew@dunslane.net>) |
Responses | Re: Git cvsserver serious issue |
List | pgsql-hackers |
On Thu, Sep 23, 2010 at 11:27, Andrew Dunstan <andrew@dunslane.net> wrote:
>
>
> On 09/23/2010 02:09 AM, Magnus Hagander wrote:
>>
>> On Thu, Sep 23, 2010 at 04:59, Andrew Dunstan <andrew@dunslane.net> wrote:
>>>>>
>>>>> Also, couldn't we just set up the cvsserver on its own VM with a limited
>>>>> amount of disk space, and not worry too much about any "DOS threat"?
>>>>> If somebody does do this, block them and reinitialize that server.
>>>>
>>>> We could do that, but that could end up fighting a losing battle in
>>>> case some bot hits it.
>>>>
>>>> I don't like deploying something with a known issue on it, sandboxed or not.
>>>>
>>> Thinking about this some more, how about we do non-anonymous CVS over SSH
>>> access to the git-cvsserver for the few buildfarm members that can't
>>> currently handle using git (e.g. spoonbill)?
>>
>> Well, if we do that centrally, we are back to a dedicated VM (hint:
>> we're most certainly not adding non-personal no-password accounts to
>> one of the VMs used for critical services - it's bad enough we have
>> Bruce's account there :P).
>>
>> I assume most buildfarm clients are off static IPs (at least as seen
>> from the servers - they may be behind a NAT device, but that one
>> having static out)? If so, it seems simply easier to use pserver...
>>
>
> Yes, I think we should have a VM. Is that so hard to do in these days of Xen
> etc? I'm surprised we can't run up a VM pretty much at the drop of a hat.

In the new infrastructure, it is. The main resource that's limited
really is IP addresses ;)

> I was suggesting that the accounts would be protected using ssh keys.
> Password and IP address protection seem pretty weak to me. Passwords can be
> sniffed or attacked using brute force. IP addresses can be spoofed. But
> you're the SA, not me.

I prefer keys. But I don't want those users on the same VM as
important services, because passphrase-less keys are a lot more likely
to be compromised than the keys of say a regular committer...

--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/