Date: Tue, 18 Nov 2003 16:42:52 +0000 From: Colin Percival <colin.percival@wadham.ox.ac.uk> To: "M. Warner Losh" <imp@bsdimp.com>, des@des.no Cc: colin.percival@wadham.ox.ac.uk Subject: Re: Secure updating of OS and ports Message-ID: <5.0.2.1.1.20031118163606.031db020@popserver.sfu.ca> In-Reply-To: <20031118.093202.131522893.imp@bsdimp.com> References: <xzp7k1yxdev.fsf@dwp.des.no> <5.0.2.1.1.20031117165641.03101720@popserver.sfu.ca> <xzp7k1yxdev.fsf@dwp.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
At 09:32 18/11/2003 -0700, M. Warner Losh wrote: >cvsup is secure from everything except man in the middle or >redirection attacks. When you run cvsup over an ssh-tunnel, you can >solve these problems if you trust the cvsup running on the localhost >you ssh to. In other words, cvsup -- as the general public uses it -- is secure, provided that you trust your DNS servers, the FreeBSD DNS servers, the cvsup mirror you access, and everyone with access to the local network segments on which the above reside. It's *almost* as secure as http -- but not quite, since the mirror system provides another point of attack. If everyone used ssh tunnels to cvsup-master, this wouldn't be an issue... but that isn't an option. Colin Percival
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.0.2.1.1.20031118163606.031db020>