Recent security announcement and csup/cvsup?
M. Schulte
m-freebsd at fuglos.org
Sat Nov 17 15:43:50 UTC 2012
Hi,
> Can someone explain why the cvsup/csup infrastructure is considered
> insecure [...]
Speaking of cvsup security -- correct me if I'm wrong, but as far as I
know cvsup is generally vulnerable to man-in-the-attacks[0]. Hence I'd
be very happy about more and more people moving over to the portsnap
camp.
Best,
mel
[0] http://en.wikipedia.org/wiki/Portsnap
http://unix.derkeiler.com/Mailing-Lists/FreeBSD/stable/2003-11/0287.html
More information about the freebsd-security
mailing list