|
From: | Eric S. Johansson |
Subject: | [Gnu-arch-users] Re: WebDAV |
Date: | Fri, 09 Apr 2004 12:45:53 -0400 |
User-agent: | Mozilla Thunderbird 0.5 (Windows/20040207) |
Colin Walters wrote:
On Fri, 2004-04-09 at 11:56, Aaron Bentley wrote:Yet another instance where security is not simple.I don't think anyone ever claimed security was simple.
but you can make it simple. contrast pound vrs apache as a proxy. pound fails safe, apache does not.
so, lets figure out an "easy to make safe" arch repository. we are smart people after all.
I think "sftp" is a misleading name, since ftp doesn't permit remote command execution. Absent a secure shell, sftp is less secure in some ways.That's what rssh fixes; SELinux and my policy make it much more secure.
more complexity == less security.don't settle when you can build better. after all, if tom had settled, we would not have arch.
--- eric
[Prev in Thread] | Current Thread | [Next in Thread] |