From owner-freebsd-questions@FreeBSD.ORG  Wed Mar 16 23:35:56 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 758)
	id 5909B16A4CF; Wed, 16 Mar 2005 23:35:56 +0000 (GMT)
Date: Wed, 16 Mar 2005 23:35:56 +0000
From: Kris Kennaway <kris@FreeBSD.org>
To: Danny <nocmonkey@gmail.com>
Message-ID: <20050316233556.GM91771@hub.freebsd.org>
References: <addc34c605031615064b793c89@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <addc34c605031615064b793c89@mail.gmail.com>
User-Agent: Mutt/1.4.2.1i
cc: FreeBSD-questions <questions@freebsd.org>
Subject: Re: Portsnap necessary? CVSup insecure?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Mar 2005 23:35:56 -0000

On Wed, Mar 16, 2005 at 06:06:07PM -0500, Danny wrote:
> With regards to: http://www.daemonology.net/portsnap/
> 
> Should I be concerned about my servers that use CVSup?  Do the FreeBSD
> guru's refuse to use CVSup, or is this overkill?

Depends on your threat model, i.e. what are you afraid of?  If it's
something that cvsup doesn't protect against, and portsnap does, then
use the latter.

Kris

--
In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe <forsythe@alum.mit.edu>