On Wed, 3 Dec 2003, Logan Ingalls wrote:
Not that we're as large of a target for hackers, but one of Gentoo's central rsync servers was hacked yesterday:
http://lwn.net/Articles/61229/
I figured this might make a good time to ask: "How secure are cvsup.fukt.bth.se and crux.fh-regensburg.de?"
I hope it is a bit more secure than the other machines from gentoo or debian. I don't want to tell more details on a public mailing list. Only so much: it is a very minimalistic install and it is firewalled by a professional product (one of the best IMO). The good point is, that we only have shell scripts and text-files in our cvs-repository. If the Pkgfiles would be hacked, we should be able to detect the changes in cvs. Debian and GNU have large amounts of source code or even binary packages, what is a immense amount of work to check IMHO. Regards Martin -- martin opel / fachbereich informatik - fachhochschule regensburg / email: martin.opel@informatik.fh-regensburg.de / web: http://rfhs8012.fh-regensburg.de/~opel/