Re: Proposal: Linux Kernel Patch Management System

From: Alan Cox (alan@lxorguk.ukuu.org.uk)
Date: Thu Sep 14 2000 - 10:46:30 EST


> On Wed, Sep 13, 2000 at 11:50:58PM +0100, Alan Cox wrote:
> > Another problem is that bitkeeper has not been through a security audit.
>
> Maybe, but i like the fact that BitKeeper uses ssh by default for
> transmitting data.

That isnt the problem. Its what is in the source data you have to worry about.
CVS also uses SSH happily. That doesn't stop attacks on either by feeding the
server/input side bogus metadata

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Fri Sep 15 2000 - 21:00:24 EST