| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Git cvsserver serious issue |
| Date: | 2010-09-23 09:54:08 |
| Message-ID: | AANLkTik5DYN4i2yOR4udMM5WLo7NDxXiyv_3d=VwugbQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | buildfarm-members pgsql-hackers |
On Thu, Sep 23, 2010 at 11:27, Andrew Dunstan <andrew(at)dunslane(dot)net> wrote:
>
>
> On 09/23/2010 02:09 AM, Magnus Hagander wrote:
>>
>> On Thu, Sep 23, 2010 at 04:59, Andrew Dunstan<andrew(at)dunslane(dot)net> wrote:
>>>>>
>>>>> Also, couldn't we just set up the cvsserver on its own VM with a
>>>>> limited
>>>>> amount of disk space, and not worry too much about any "DOS threat"?
>>>>> If somebody does do this, block them and reinitialize that server.
>>>>
>>>> We could do that, but that could end up fighting a losing battle in
>>>> case some bot hits it.
>>>>
>>>> I don't like deploying something with a known issue on it, sandboxed or
>>>> not.
>>>>
>>> Thinking about this some more, how about we do non-anonymous CVS over SSH
>>> access to the git-cvsserver for the few buildfarm members that can't
>>> currently handle using git (e.g. spoonbill)?
>>
>> Well, if we do that centrally, we are back to a dedicated VM (hint:
>> we're most certainly not adding non-personal no-password accounts to
>> one of the VMs used for critical services - it's bad enough we have
>> Bruce's account there :P).
>>
>> I assume most buildfarm clients are off static IPs (at least as seen
>> from the servers - they may be behind a NAT device, but that one
>> having static out)? If so, it seems simply easier to use pserver...
>>
>
> Yes, I think we should have a VM. Is that so hard to do in these days of Xen
> etc? I'm surprised we can't run up a VM pretty much at the drop of a hat.
In the new infrastructure, it is.
The main resource that's limited really is IP addresses ;)
> I was suggesting that the accounts would be protected using ssh keys.
> Password and IP address protection seem pretty weak to me. Passwords can be
> sniffed or attacked using brute force. IP addresses can be spoofed. But
> you're the SA, not me.
I prefer keys. But I don't want those users on the same VM as
important services, because passphrase-less keys are a lot more likely
to be compromised than the keys of say a regular committer...
--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2010-09-23 13:01:25 | Re: [Pgbuildfarm-members] buildfarm git clones layout |
| Previous Message | Andrew Dunstan | 2010-09-23 09:27:18 | Re: Git cvsserver serious issue |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Stehule | 2010-09-23 09:55:21 | Re: Per-column collation, work in progress |
| Previous Message | Dimitri Fontaine | 2010-09-23 09:49:09 | Re: Standby registration |