On 05/10 15:21, Anton Marchukov wrote: > Hello All. > > Maybe it is time to start providing general anonymous access to resources > over rsync protocol. > > Technically we can do the following: > > We now have resources files on a separate shared disk, we can create a new > vm specially for rsync (and possible move all other protocols there) and > then mount it read-only there so we mitigate any security risks and will > never be able to change files from that vm. This is how we planned to > improve resources initially. > > The only thing is that afaik rsync protocol is not authenticated and > encrypted. There is nothing secret on resources, but the files might be > tampered along the way and I am not sure all rpms there have crypto > signatures.
Only the official releases are signed, though I'm not 100% sure that will ensure integrity (I guess it does though, would be easy and highly beneficial) > > Anton. > > > On Tue, May 10, 2016 at 3:13 PM, Dotan Paz <[email protected]> wrote: > > > Hi, > > In order to support the RHEV CI's request to sync the repo to tlv, i'd > > need to have anonymous from tlv over rsync , IP : 82.81.161.50 > > > > Thanks > > > > -- > > > > Dotan Paz , Systems Administrator > > Labs & Capital Management , > > PnT DevOps > > Red Hat inc. > > > > > > > > > > > -- > Anton Marchukov > Senior Software Engineer - RHEV CI - Red Hat > _______________________________________________ > Infra mailing list > [email protected] > http://lists.ovirt.org/mailman/listinfo/infra -- David Caro Red Hat S.L. Continuous Integration Engineer - EMEA ENG Virtualization R&D Tel.: +420 532 294 605 Email: [email protected] IRC: dcaro|dcaroest@{freenode|oftc|redhat} Web: www.redhat.com RHT Global #: 82-62605
signature.asc
Description: PGP signature
_______________________________________________ Infra mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/infra
