Re: ftp-master moved to newraff

To: debian-devel@lists.debian.org
Subject: Re: ftp-master moved to newraff
From: Branden Robinson <branden@debian.org>
Date: Wed, 28 Jan 2004 12:09:58 -0500
Message-id: <[🔎] 20040128170958.GF4060@deadbeast.net>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <87isix8eh1.fsf@shiri.gloaming.local>
References: <87isix8eh1.fsf@shiri.gloaming.local>

On Tue, Jan 27, 2004 at 05:54:02PM +0000, James Troup wrote:
> ftp-master has moved to newraff.
> 
> Sorry for the lack of notice.  Although migrating ftp-master to a more
> powerful and better connected machine was always a long term plan, it
> recently became much more immediately necessary.

Can someone elaborate on that, please?

> Tomorrow I'll unrestrict auric.

Are there any special functions auric is to serve now?

> With regards to newraff, I plan to leave that restricted for now.  I
> was serious about setting up a mirror and have been working on it (you
> can see an out-of-date copy on merkel).  And once that's in place, we
> can perhaps have a more meaningful discussion about the merits of
> restriction.

Does that mean the restriction will be more meritorious after a mirror
is set up than it is now?  :)

> newraff is, like spohr, a HP DL380 [Dual P4 2.8Ghz HT Xeon, 6Gb RAM,
> 6x147GB RAID 5 SCSI].  Many thanks to HP for donating it and Above.Net
> for hosting it.
> 
> Also many thanks to both Visi.net and Sun Microsystems for hosting
> and donating auric respectively.

Hear, hear.

I do wonder, however, if it is wise for all of our critical project
infrastructure to be running on the same machine architecture.  Didn't
the fact that ftp-master was not an i386 box potentially save our bacon
from a truly dreadful Trojan attack last November[1]?

Or is the situation that, while hardware diversification among our
infrastructural hosts would be good, we simply don't have sufficiently
beefy hardware of various other architectures to implement it?

Thanks for the update!

[1] N.B., I don't posit that those who exploited our machines had the
time or know-how to have perpetrated a malicious compromise of our
master archive, such that Trojaned packages could have been inserted
into our mirror network from the hub.  However, there *do* exist people
who would have such knowledge were they to gain such privileges on
ftp-master, and we cannot assume that all such people would not behave
maliciously, given the opportunity.

-- 
G. Branden Robinson                |    The basic test of freedom is
Debian GNU/Linux                   |    perhaps less in what we are free to
branden@debian.org                 |    do than in what we are free not to
http://people.debian.org/~branden/ |    do.                  -- Eric Hoffer

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: ftp-master moved to newraff
  - From: Ben Collins <bcollins@debian.org>
- Re: ftp-master moved to newraff
  - From: Josip Rodin <joy@srce.hr>

Prev by Date: Re: Module autoloading no longer work with kernel 2.6.x
Next by Date: Re: LILO + device-mapper support
Previous by thread: Bug#230093: ITP: webmin-snort, webmin-exim, webmin-virtualserver(virtualmin) -- modules for webmin
Next by thread: Re: ftp-master moved to newraff
Index(es):
- Date
- Thread