[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Work Machine - Part2



> -----Original Message-----
> From: Jeremy D. Zawodny []
> Sent: Wednesday, May 31, 2000 4:14 PM
> To: Gregory Leblanc
> Cc: ldp-discuss@lists.linuxdoc.org
> Subject: Re: Work Machine - Part2
> 
> On Wed, May 31, 2000 at 02:51:49PM -0700, Gregory Leblanc wrote:
> 
> > I don't know maybe it is.  I'm not sure why it makes sense to
> > maintain our own server and not have everything on that server.
> > Personally, if the LDP has a machine, why not make that machine the
> > LDP machine for anything and everything that we do?
> 
> If you plan to let authors on to the machine so that they can access a
> working and well-maintained SGML toolset, then I'd suggest keeping
> that separate from the machine that is www.linuxdoc.org.
> 
> Or is that no longer under consideration?

I'm sure it's still under consideration, but why?  Assuming that you do a
reasonably decent job setting up security, it would be pretty darn hard for
people to get anywhere.  My thoughts on accounts for authors would be that
they get a shell with access to the LDP processing scripts, and perhaps
webspace/ftpspace where they can upload/download their sgml and the output
produced from it.  We certainly shouldn't allowing plain-text passwords
transmitted over the wire.  Yeah, with more people on the server there's
more of a chance that somebody hacks it and breaks something, but with a
decent security policy that shouldn't be much of an issue.  And with 200
mirrors worldwide, and I'm assuming some sort of tape-backup with reasonably
secure storage, I'd think that we could recover from an attack without too
much hassle.
        Greg


--  
To UNSUBSCRIBE, email to ldp-discuss-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org