From owner-freebsd-questions@FreeBSD.ORG  Thu Mar 17 01:08:51 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id BFBA016A4CE
	for <questions@freebsd.org>; Thu, 17 Mar 2005 01:08:51 +0000 (GMT)
Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.206])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2B71043D46
	for <questions@freebsd.org>; Thu, 17 Mar 2005 01:08:51 +0000 (GMT)
	(envelope-from nocmonkey@gmail.com)
Received: by rproxy.gmail.com with SMTP id b11so341911rne
        for <questions@freebsd.org>; Wed, 16 Mar 2005 17:08:50 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
	s=beta; d=gmail.com;
	h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references;
	b=YgjSCAARQ+NG21GUySapRzmJc31FKpmzwvVWFTJmDEOdOzP6SdbhQB0l33SPB6y7OgdWBzYCxHtKEPVOLQbqVPfzY2xpxdJ66knh2QYkQAlbNrKCpcCz108GNU16Wghw91ftI99xvqRmf7k4r3eZCh0StWvjnDbllJAAsVizzjs=
Received: by 10.38.102.12 with SMTP id z12mr1057047rnb;
        Wed, 16 Mar 2005 17:08:50 -0800 (PST)
Received: by 10.38.22.7 with HTTP; Wed, 16 Mar 2005 17:08:50 -0800 (PST)
Message-ID: <addc34c6050316170832b40507@mail.gmail.com>
Date: Wed, 16 Mar 2005 20:08:50 -0500
From: Danny <nocmonkey@gmail.com>
To: questions@freebsd.org
In-Reply-To: <20050317005927.GN91771@hub.freebsd.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
References: <addc34c605031615064b793c89@mail.gmail.com>
	 <20050316233556.GM91771@hub.freebsd.org>
	 <addc34c60503161549443a23b3@mail.gmail.com>
	 <20050317005927.GN91771@hub.freebsd.org>
cc: Kris Kennaway <kris@freebsd.org>
Subject: Re: Portsnap necessary? CVSup insecure?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Danny <nocmonkey@gmail.com>
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Mar 2005 01:08:51 -0000

On Thu, 17 Mar 2005 00:59:27 +0000, Kris Kennaway <kris@freebsd.org> wrote:
> > On Wed, Mar 16, 2005 at 06:06:07PM -0500, Danny wrote:
> > When is the last time a FreeBSD CVSup server was compromised - if ever?
> 
> I don't know that it's ever happened.
> 
> I don't know that that's really the threat model you should care about
> anyway, since someone could compromise the master portsnap server as
> well, just not any mirrors (but these are currently nonexistent
> anyway, afaik).

Alright, I think it's safe to say that I'll just have to try it out
and see which one works best for me.  Hopefully I haven't caused any
unnecessary controversy, although I would like to hear other
comparisons between the two.

Thank you for your time, Kris.

...D