From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Fooss-0002K4-Ny for garchives@archives.gentoo.org; Fri, 09 Jun 2006 21:51:15 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.6/8.13.6) with SMTP id k59Lg76Z027783; Fri, 9 Jun 2006 21:42:07 GMT Received: from smtp04.gnvlscdb.sys.nuvox.net (smtp.nuvox.net [64.89.70.9]) by robin.gentoo.org (8.13.6/8.13.6) with ESMTP id k59LOY4I030069 for ; Fri, 9 Jun 2006 21:24:34 GMT Received: from cgianelloni.nuvox.net (216.215.202.4.nw.nuvox.net [216.215.202.4]) by smtp04.gnvlscdb.sys.nuvox.net (8.12.11.20060308/8.12.11) with SMTP id k59LOoV1001007 for ; Fri, 9 Jun 2006 17:24:50 -0400 Received: by cgianelloni.nuvox.net (sSMTP sendmail emulation); Fri, 9 Jun 2006 17:22:19 -0400 Subject: Re: [gentoo-dev] Project Sunrise thread -- a try of clarification From: Chris Gianelloni To: gentoo-dev@lists.gentoo.org In-Reply-To: <1149886303.32544.7.camel@localhost> References: <44887368.9030302@gentoo.org> <1149803837.19443.101.camel@cgianelloni.nuvox.net> <4488A4F3.5060908@gentoo.org> <1149811589.19102.23.camel@vertigo.twi-31o2.org> <1149841698.9743.20.camel@localhost> <1149870017.22473.22.camel@cgianelloni.nuvox.net> <1149874871.9743.77.camel@localhost> <1149884042.22473.150.camel@cgianelloni.nuvox.net> <1149886303.32544.7.camel@localhost> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-n1INOJzeedu2+LGT/GBj" Organization: Gentoo Linux Date: Fri, 09 Jun 2006 17:22:18 -0400 Message-Id: <1149888139.22473.181.camel@cgianelloni.nuvox.net> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 X-Mailer: Evolution 2.6.1 X-Archives-Salt: 6e0e6252-f2f8-4ce7-a8a4-f0b73f29de8e X-Archives-Hash: 2257279a4158bce772222866bd75cf8c --=-n1INOJzeedu2+LGT/GBj Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Fri, 2006-06-09 at 22:51 +0200, Patrick Lauer wrote: > On Fri, 2006-06-09 at 16:14 -0400, Chris Gianelloni wrote: > [snip] > > > If someone wanted to exploit boxen he'd use a much simpler attack > > > vector ... our rsync mirrors are wide open. No need to secure the lit= tle > > > window over there when the front door is open ... > >=20 > > Really? I'd like you to give me root on rsync.gentoo.org, then. What'= s > > that? You can't? What a wonder! >=20 > I don't need that ... > Look, three-step plan to hacking Gentoo boxen: >=20 > 1) open a few rsync mirrors and get them into the official rotation Umm... the rsync servers in rsync.gentoo.org are all controlled by infra now. If you're using another rsync server (read, untrusted) then you get what you deserve. ;] --=20 Chris Gianelloni Release Engineering - Strategic Lead x86 Architecture Team Games - Developer Gentoo Linux --=-n1INOJzeedu2+LGT/GBj Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQBEieaKkT4lNIS36YERAiXxAKClf4aynRm1rpdPemmWlYPW4koNiACdERCb nuuuNO7n/TyBqJ+Kn7Hm9vs= =byX/ -----END PGP SIGNATURE----- --=-n1INOJzeedu2+LGT/GBj-- -- gentoo-dev@gentoo.org mailing list