[clue-admin] CVS Publishing Script
Jeff Cann
j.cann at isuma.org
Fri Dec 17 05:31:49 MST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Friday 17 December 2004 4:14 am, grant johnson wrote:
> I do not understand why it is a bad thing to have the CVS folders
> available to the world. The information in them should be benign.
> CVSROOT=/home/cvsroot or :pserver:anonymous at localhost:/home/cvsroot
> Nothhing all that secret or security dangerous there, especially if it
> is a locally mounted FS, even if it is a pserver, if it is publically
> open, someone who wants in will have already port scanned 2401.
Why give additional information to somone who wants to break in?
We already had a root kit installed on the old CLUE server, so I think it's
necessary to be cautious.
Jeff
- --
"Faith that does not affect a person's culture is a faith not fully embraced,
not entirely thought out, not faithfully lived."
- - Pope John Paul II
http://isuma.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQFBwtG4i4b9OApLCmoRAmtYAJ4whZak08iYwuT1Lt41B+5CUMMF2gCbBTGb
U7D3izbDnyVMHc92U/rdDG8=
=6/SV
-----END PGP SIGNATURE-----
More information about the clue-admin
mailing list