On Wed, Mar 16, 2005 at 06:49:05PM -0500, Danny wrote:
> On Wed, 16 Mar 2005 23:35:56 +0000, Kris Kennaway <[EMAIL PROTECTED]> wrote:
> > On Wed, Mar 16, 2005 at 06:06:07PM -0500, Danny wrote:
> > > With regards to: http://www.daemonology.net/portsnap/
> > >
> > > Should I be concerned about my servers that use CVSup? Do the FreeBSD
> > > guru's refuse to use CVSup, or is this overkill?
> >
> > Depends on your threat model, i.e. what are you afraid of?
>
> I will respond to your question with a question to hopefully answer
> both of our questions. :)
>
> When is the last time a FreeBSD CVSup server was compromised - if ever?
I don't know that it's ever happened.
I don't know that that's really the threat model you should care about
anyway, since someone could compromise the master portsnap server as
well, just not any mirrors (but these are currently nonexistent
anyway, afaik).
Kris
--
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <[EMAIL PROTECTED]>
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
