[Trimming lists]
On Sat, 30 Aug 2008, Bastian Blank wrote:
> On Sat, Aug 30, 2008 at 02:32:08PM +0200, Peter Palfrader wrote:
> > - install sendfile/saft on all machines so you can do
> > sendfile foo.tar.gz [EMAIL PROTECTED]
> >
> > The crypto stuff could be alleviated by using ipsec between all our
> > servers. But that works even less well than you'd expect.
>
> The machines needs to check DNSSEC or the names can be spoofed which
> makes ipsec mood.
Or you use only resolvers that you have a trusted (i.e. ipsec)
connection to and those need to have a complete axfr'ed zone.
As hinted in the original email, I don't think ipsec (or stunnel) are
useful solutions to help us make sendfile suck less.
> > - setup afs
> >
> > pros: + AFS is cool
>
> Yeah. You can make read-only snapshots for backup purposes.
Probably not useful for a transfer share. But if it ever grows beyond
that that might be useful.
> > - AFS suffers from the not-a-filesystem syndrome: file access
> > control is not unix-like and will confuse users.
>
> Also other parts are not really POSIX-like. Hardlinks or so.
Direct consequence of its permission model I'd assume.
> > What other options did we forget?
>
> - Setup Kerberos, allow it as an additional ssh login variant
Circumvents the entire idea behind this exercise: Assuming an attacker
already has control over one host we want to make it as hard as possible
for them to jump to other hosts.
--
| .''`. ** Debian GNU/Linux **
Peter Palfrader | : :' : The universal
http://www.palfrader.org/ | `. `' Operating System
| `- http://www.debian.org/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
