[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: uploaded package handling

> Given the potential for trojan horse attacks, that's important.

From: Dale Scheetz <dwarf@polaris.net>
> This seems somewhat paranoid to me beside being redundant.

Please forgive me for being paranoid - it's a normal trait of the operating
system programmer.

> All transfers to master are now done via the maintainers login and password.

Note that these passwords are sent in the clear by the telnet program, and
anyone on a local net with a packet sniffer can pick them up.

> In principle I am opposed to such security measures in what is 
> substantially a public forum.

Note we are talking about identification, not encryption.

I think this is something we have to do to protect our users, ourselves,
and the CD manufacturers. If you don't understand the need for this, I
assert that it's because you haven't considered the possible scenarios,
and we should discuss them off the list.


Pixar Animation Studios: Reality is not our business.
Pixar's "Toy Story" $184.5M domestic, $66M overseas and counting.

Reply to: