Re: Proposal: Linux Kernel Patch Management System

• Next message: Jeff V. Merkey: "Re: Microsoft NT/W2K/Linux NTFS Repair/Debug Tool"
• Previous message: Jeff Epler: "Re: NFS locking bug -- limited mtime resolution means nfs_lock() does not provide coherency guarantee"
• In reply to: Alan Cox: "Re: Proposal: Linux Kernel Patch Management System"
• Next in thread: almesber@lrc.di.epfl.ch: "Re: Proposal: Linux Kernel Patch Management System"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Sep 14, 2000 at 04:46:30PM +0100, Alan Cox wrote:
> That isnt the problem. Its what is in the source data you have to worry about.
> CVS also uses SSH happily. That doesn't stop attacks on either by feeding the
> server/input side bogus metadata

        True, but ssh checks for an authentic key from the server,
and if ssh is set up properly, it may eliminate at least some malicious
attacks (ie someone sending bogus metadata). Even though CVS can use ssh, it
irks me that it doesn't by default and you have to set it up. i'm a lazy
bastard; i like things to be set to safe defaults so i don't have to change
them.

-- 
Nathan Paul Simons, Programmer for FSMLabs
http://www.fsmlabs.com/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Jeff V. Merkey: "Re: Microsoft NT/W2K/Linux NTFS Repair/Debug Tool"
• Previous message: Jeff Epler: "Re: NFS locking bug -- limited mtime resolution means nfs_lock() does not provide coherency guarantee"
• In reply to: Alan Cox: "Re: Proposal: Linux Kernel Patch Management System"
• Next in thread: almesber@lrc.di.epfl.ch: "Re: Proposal: Linux Kernel Patch Management System"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Fri Sep 15 2000 - 21:00:24 EST