From owner-freebsd-hackers@FreeBSD.ORG  Sat May 24 16:21:21 2003
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4A0C937B401
	for <freebsd-hackers@freebsd.org>;
	Sat, 24 May 2003 16:21:21 -0700 (PDT)
Received: from mta03-svc.ntlworld.com (mta03-svc.ntlworld.com [62.253.162.43])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 46C2543F75
	for <freebsd-hackers@freebsd.org>;
	Sat, 24 May 2003 16:21:20 -0700 (PDT)
	(envelope-from colin.percival@wadham.ox.ac.uk)
Received: from piii600.wadham.ox.ac.uk ([81.103.196.4])
	by mta03-svc.ntlworld.comESMTP
	<20030524232119.HTHW11246.mta03-svc.ntlworld.com@piii600.wadham.ox.ac.uk>
	for <freebsd-hackers@freebsd.org>;
	Sun, 25 May 2003 00:21:19 +0100
Message-Id: <5.0.2.1.1.20030525001512.01c8f820@popserver.sfu.ca>
X-Sender: cperciva@popserver.sfu.ca
X-Mailer: QUALCOMM Windows Eudora Version 5.0.2
Date: Sun, 25 May 2003 00:21:17 +0100
To: freebsd-hackers@freebsd.org
From: Colin Percival <colin.percival@wadham.ox.ac.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Subject: Secure cvsup access?
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 24 May 2003 23:21:21 -0000

   Is there any mechanism in place for secure cvsup access, and if so, who 
should I talk to about it?
   Right now I'm building and publishing binary security updates (see 
ports/security/freebsd-update) based on what I get via cvsup from one of 
the mirrors (not that there has been anything to publish for the past 
couple of months); this introduces the risk of dns and other attacks.

Colin Percival