
Re: cvs security - ssh vs pserver?



* martin f krafft (madduck@madduck.net) spake thusly:
...
> okay, so potentially *everyone* has access to the data, then you may
> just as well run pserver as nobody, since you only give out read-only
> access... why the hassle of ssh in the first place.
...
> you can surely do it, but i was addressing dmitri's critique that i
> supposedly misinterpret the word "private". encryption is secure
> communication, there is nothing to say against that, but pk addresses
> the problem of a shared secret. publishing the private key surely does
> what you want, but it's also turning pk encryption into a useless
> endeavour. with such a setup you gain nothing, not even integrity or
> privacy of the transmitted data (aside from everyone being able to pull
> it)... if i have the private key, i can hijack, sniff, and interfere
> with encrypted sessions at my pleasure.

(So? They are just anonymous lusers downloading stuff from my
CVS repository. Feel free to hijack, sniff and whatever.)

You are still missing the point. Hopefully, you've read my post by
now, but I'll reiterate.

CVS documentation states that pserver plus write access to CVS
repository can be subverted to execute arbitrary code on the
server. The point of using ssh is to get rid of pserver, not
to encrypt the actual downloads (that would be rather pointless,
no?) Of course ssh will still do the encryption, but that's 
just a side-effect.

> did you read the last 2-3 posts pertaining to exactly this issue? my
> point is that you are about as anonymous with many-to-one as
> one-to-many because of IP-addresses and the general difficulty of (a)
> accessing the info *which* identity connected, and (b) mapping that
> identity to a user. sure, with many-to-one you have the possibility,
> but you'd have to jump through hoops to make it non-anonymous...

Well, yeah. The difference is mainly in the user's perception: in one
case you don't give your e-mail/password/private key/whatever out
to the Evil Big Brother CVS Repository(tm), in the other, you do.

Dima
-- 
We're sysadmins. Sanity happens to other people.                  -- Chris King
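The thread's scenario is an ssh key handed out to anonymous users so that pserver can be retired. As an added example (not from either poster), here is the authorized_keys entry that makes such a published key tolerable next to the bare entry that does not: OpenSSH key options confine the key to the CVS server protocol, so holding the private key does not buy a shell. It assumes OpenSSH-style authorized_keys options and a cvs build that accepts the `-R` (read-only repository) global option; the key material is a placeholder.

```shell
#!/bin/sh
# Weak entry: a bare key line. Anyone holding the (published) private
# key gets an interactive login as this account, port forwarding, etc.
weak_entry() {
  printf '%s\n' 'ssh-ed25519 AAAA...PLACEHOLDERKEY anoncvs'
}

# Hardened entry: sshd ignores whatever the client asked to run and
# executes the forced command instead, so the key can only speak the
# CVS server protocol; -R keeps the repository read-only (assumed
# supported by the installed cvs), and the no-* options drop a pty and
# all forwarding, leaving nothing else to hijack the session into.
hardened_entry() {
  printf '%s\n' \
    'command="cvs -R server",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding ssh-ed25519 AAAA...PLACEHOLDERKEY anoncvs'
}

# Audit helper: succeed (exit 0) only if an authorized_keys line carries
# both a forced command and no-pty; fail (exit 1) otherwise. Useful for
# scanning an anonymous account's authorized_keys file line by line.
check_entry() {
  case "$1" in
    *command=*no-pty*|*no-pty*command=*) return 0 ;;
    *) return 1 ;;
  esac
}

# Scan every line of a file; report and return 1 on the first bare key.
audit_file() {
  while IFS= read -r line; do
    case "$line" in ''|'#'*) continue ;; esac
    check_entry "$line" || { echo "unrestricted key: $line" >&2; return 1; }
  done < "$1"
  return 0
}
```

Run `audit_file ~anoncvs/.ssh/authorized_keys` on the anonymous account to confirm no bare key line slipped in.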