Re: ssh based access?

From: Karl Fogel <kfogel_at_newton.ch.collab.net>
Date: 2002-04-16 18:40:50 CEST

"Perry E. Metzger" <perry@wasabisystems.com> writes:
> actually understand the problem. If you want to ignore all that and
> just say "oh, no one has proven Apache has any more bugs, lets thumb
> our nose at those horrid security dweebs", well, you're acting like
> Microsoft.

Hee hee! I'm thinking of an obvious corrolary to Godwin's Law

http://www.tuxedo.org/jargon/html/entry/Godwin's-Law.html

now... :-)

Basically agree with Perry's points, though, bluntness of expression
aside. Saying "we don't know of any buffer overrun bugs in Apache"
isn't very meaningful compared with a real security audit. The more
lines of code, the more difficult the audit. So what can we conclude?
What we already knew: that we don't know for sure how secure
Subversion is.

Fine. But:

We're not going to suddenly start writing a new RA layer. We've got
enough to do before 1.0 as it is. Apache+Subversion is what you get
for now, unless you can volunteer the time to make an alternative.
(And if you choose the latter course, we're happy to help!)

-K

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Apr 16 18:37:23 2002

This message: [ Message body ]
Next message: cmpilato_at_collab.net: "Re: [PATCH] $EDITOR with spaces"
Previous message: Sander Striker: "RE: [PATCH] $EDITOR with spaces"
In reply to: Perry E. Metzger: "Re: ssh based access?"
Next in thread: Perry E. Metzger: "Re: ssh based access?"
Reply: Perry E. Metzger: "Re: ssh based access?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]