On Thu, Feb 19, 2004 at 12:42:23PM +0100, Andreas Barth wrote: > * Wouter Verhelst (wouter@grep.be) [040219 12:25]: > > On Thu, Feb 19, 2004 at 05:10:27AM +0100, Goswin von Brederlow wrote: > > [...ftp-master being restricted...] > > > Why not move wanna-build off ftp-master then? All it needs is the > > > quinn-diff output for accepted/autobuild and the main archive and > > > thats easily transfered through a strictly controled ssh connect, by > > > mail, via http or any number of other ways. > > > Because it takes time to set up, manage, and stuff like that. The > > archive scripts are probably already complex enough to not have to add > > that extra complexity. > > > > Also, injecting quinn-diff output into a local wanna-build is a lot > > faster than rsync'ing, scp'ing, or wget'ing it over to another system, > > and injecting it into the database there. > > The discussion today told me that restricting access to w-b for > buildds is done as a security measurement (as the ssh-access could be > abused after a break-in in a buildd). Please tell me if this is wrong, > as I'm not really knowing much about this system. That's how I understand it; but note that I didn't specifically ask James, so I could be wrong. > If this is the case, it should be IMHO be considered to change the > interface to w-b from now via command line (means: access via ssh is > necessary) to something via a SMTP-like protocol. Uh, thanks, but no thanks. I, personally, wouldn't want random people, or even random developers, to start messing with the wanna-build database. It's *good* that there are access controls. Yeah, they have their drawbacks, but that doesn't make them bad. -- Wouter Verhelst Debian GNU/Linux -- http://www.debian.org Nederlandstalige Linux-documentatie -- http://nl.linux.org "Stop breathing down my neck." "My breathing is merely a simulation." "So is my neck, stop it anyway!" -- Voyager's EMH versus the Prometheus' EMH, stardate 51462.
Attachment:
signature.asc
Description: Digital signature