[nycbug-talk] Security Implications for cvsupd
okan at demirmen.com
Tue Dec 7 23:19:42 EST 2004
On Tue 2004.12.07 at 19:31 -0500, Pete Wright wrote:
> Hi all,
> For various reasons I've contemplated setting up a cvsup mirror.
> While I plan to use it mostly for personal use at first, I've
> kicked around the idea of making it semi-public. Are there any
> non-obvious security implications one should think about when
> doing this. I am most likely going to run it in a jail, but
> there maybe there are other things to worry about. Secondly,
> is there any interest/need for yet another cvs mirror for
> FreeBSD in the NycBug community?
an nycbug mirror in california - that's a novel idea! i say do it ;)
as far as security is concerned, do anoncvs over ssh - no pserver.
since i imagine you are running pf somewhere on or in front of it,
limit the bandwidth and connections.
i've run an unofficial openbsd mirror for quite a while for a couple
of dozen people and projects without concern - not really publicly
advertised, but publicly available. - just for kicks.
> Peter Wright
> pete at nomadlogic.org
> % NYC*BUG talk mailing list
> %Be sure to check out our Jobs and NYCBUG-announce lists
> %We meet the first Wednesday of the month
Okan Demirmen <okan at demirmen.com>
PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934
More information about the talk