Patrick Lauer wrote: > On Fri, 2006-06-09 at 16:14 -0400, Chris Gianelloni wrote: > [snip] >>> If someone wanted to exploit boxen he'd use a much simpler attack >>> vector ... our rsync mirrors are wide open. No need to secure the little >>> window over there when the front door is open ... >> Really? I'd like you to give me root on rsync.gentoo.org, then. What's >> that? You can't? What a wonder! > > I don't need that ... > Look, three-step plan to hacking Gentoo boxen: > > 1) open a few rsync mirrors and get them into the official rotation
Actually, the only rotation you can get on is a community one (which minimizes the amount of users). All the servers under rsync.g.o are strictly controlled by infra. So nice try ... -- Lance Albertson <[EMAIL PROTECTED]> Gentoo Infrastructure | Operations Manager --- GPG Public Key: <http://www.ramereth.net/lance.asc> Key fingerprint: 0423 92F3 544A 1282 5AB1 4D07 416F A15D 27F4 B742 ramereth/irc.freenode.net
signature.asc
Description: OpenPGP digital signature
