Re: Git cvsserver serious issue

Поиск
Список
Период
Сортировка
От Magnus Hagander
Тема Re: Git cvsserver serious issue
Дата
Msg-id AANLkTik5DYN4i2yOR4udMM5WLo7NDxXiyv_3d=VwugbQ@mail.gmail.com
обсуждение исходный текст
Ответ на Re: Git cvsserver serious issue  (Andrew Dunstan <andrew@dunslane.net>)
Ответы Re: Git cvsserver serious issue  (Bruce Momjian <bruce@momjian.us>)
Список pgsql-hackers
Дерево обсуждения 
On Thu, Sep 23, 2010 at 11:27, Andrew Dunstan <andrew@dunslane.net> wrote:
>
>
> On 09/23/2010 02:09 AM, Magnus Hagander wrote:
>>
>> On Thu, Sep 23, 2010 at 04:59, Andrew Dunstan<andrew@dunslane.net>  wrote:
>>>>>
>>>>> Also, couldn't we just set up the cvsserver on its own VM with a
>>>>> limited
>>>>> amount of disk space, and not worry too much about any "DOS threat"?
>>>>> If somebody does do this, block them and reinitialize that server.
>>>>
>>>> We could do that, but that could end up fighting a losing battle in
>>>> case some bot hits it.
>>>>
>>>> I don't like deploying something with a known issue on it, sandboxed or
>>>> not.
>>>>
>>> Thinking about this some more, how about we do non-anonymous CVS over SSH
>>> access to the git-cvsserver for the few buildfarm members that can't
>>> currently handle using git (e.g. spoonbill)?
>>
>> Well, if we do that centrally, we are back to a dedicated VM (hint:
>> we're most certainly not adding non-personal no-password accounts to
>> one of the VMs used for critical services - it's bad enough we have
>> Bruce's account there :P).
>>
>> I assume most buildfarm clients are off static IPs (at least as seen
>> from the servers - they may be behind a NAT device, but that one
>> having static out)? If so, it seems simply easier to use pserver...
>>
>
> Yes, I think we should have a VM. Is that so hard to do in these days of Xen
> etc? I'm surprised we can't run up a VM pretty much at the drop of a hat.

In the new infrastructure, it is.

The main resource that's limited really is IP addresses ;)


> I was suggesting that the accounts would be protected using ssh keys.
> Password and IP address protection seem pretty weak to me. Passwords can be
> sniffed or attacked using brute force. IP addresses can be spoofed. But
> you're the SA, not me.

I prefer keys. But I don't want those users on the same VM as
important services, because passphrase-less keys are a lot more likely
to be compromised than the keys of say a regular committer...


--
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Dimitri Fontaine
Дата:
Сообщение: Re: Standby registration
Следующее
От: Pavel Stehule
Дата:
Сообщение: Re: Per-column collation, work in progress