[ On Monday, May 15, 2000 at 09:46:15 (-0400), Noel L Yap wrote: ]
> Subject: Re: CVS security: networked filesystems like AFS, client server, ssh
>
> [EMAIL PROTECTED] on 05/14/2000 09:50:23 PM
> >CVS with its own dedicated socket/port
> > run across SSH
> >
> > Transport secured, but the CVS socket/port
> > is open to the world on the remote machine,
> > and hence is insecure there, and on the
> > remote machine's network.
>
> If the data stream is encrypted, why do you call this insecure? How secure is
> secure?
The CVS socket on the remote machine will happily encrypt an attacker's
connection just as it will the encrypt a legitimate user's connection.
I.e. in that configuration it's still only as secure as the remote
machine, which if it's multi-user then it's not secure at all.
--
Greg A. Woods
+1 416 218-0098 VE3TCP <[EMAIL PROTECTED]> <robohack!woods>
Planix, Inc. <[EMAIL PROTECTED]>; Secrets of the Weird <[EMAIL PROTECTED]>
