On Tue, Apr 29, 2025 at 5:31 PM Karl Berry <k...@freefriends.org> wrote: > > and read-only access to the version control trees of other > public groups. > > I never knew this was a feature. That's great. >
It really is. > Don't the bots use anonymous https access, not creating an account? > If so, I wonder about adding all sv users to some placeholder group, > precisely so they can get non-anonymous access to other groups. I'm > aware that spammers create accounts so they can post comments and such, > but probably that set of bad guys doesn't care (know) about ssh access. > The suggestion of adding users to some "dummy" group in SV was floated recently RE the same trains of thought. The work the Bob has been doing to create read-only mirrors "off-network" from FSF's (to reduce network pressure) should also help significantly in (eventually) providing an alternate path for whatever crawling we do want to support that doesn't impact developers. At that point perhaps we can block certain direct use of Savanna's read-only services, either allowing still from people who've authenticated already from their present IP, or shutting those down entirely. Talking here of things like CGIT and CVSWEB that we probably want to continue hosting but which users have no reason not to accept the (sub-1s if I understand Bob's reports correctly) delay involved in not hitting Savannah directly. > I can't imagine the bots are ever going to go away ... -k > Too right.
