[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-hackers] Re: address@hidden: gnudist:/home/www/html/server/sta
|
From: |
loic |
|
Subject: |
[Savannah-hackers] Re: address@hidden: gnudist:/home/www/html/server/standards/README.savannah.html -- recent changes] |
|
Date: |
Wed, 21 Mar 2001 19:09:21 +0100 (CET) |
Leonard H. Tower Jr. writes:
> From: address@hidden
> Date: Wed, 21 Mar 2001 08:29:28 +0100 (CET)
> cc: address@hidden
>
> Leonard H. Tower Jr. writes:
> > Hi Loic,
> >
> > Just wanted to note that publicizing the location of the MySQL
> > database on www.gnu.org increases the security risk of some cracker or
> > vandal geting the Savannah database and running a dictionary attack
> > against it.
>
> You're right. I fixed the document and moved that bit of information to
> fp:/gd/gnuorg/sysadmin/sysadmin.texi.
>
> Your call. This is one of those borderline cases where the size of
> the risk isn't clear.
>
> Do gnudist:/home/www/html/server/standards/README.savannah.html and
> ftp:/gd/gnuorg/sysadmin/sysadmin.texi cross reference one another?
> The usefulness for newcomers seems much greater then the security
> risk.
It does yes. I figure the fact that you need to login on fp to see
the document is secure enough. You agree ?
--
Loic Dachary http://www.dachary.org/ address@hidden
24 av Secretan http://www.senga.org/ address@hidden
75019 Paris Tel: 33 1 42 45 09 16 address@hidden
GPG Public Key: http://www.dachary.org/loic/gpg.txt