|
From: | Aaron Bentley |
Subject: | Re: [Gnu-arch-users] Re: WebDAV |
Date: | Fri, 09 Apr 2004 12:32:29 -0400 |
User-agent: | Mozilla Thunderbird 0.5 (X11/20040306) |
Colin Walters wrote:
On Fri, 2004-04-09 at 11:56, Aaron Bentley wrote:Yet another instance where security is not simple.I don't think anyone ever claimed security was simple.
Eric Johansson seems to think it could be simpler.
I think "sftp" is a misleading name, since ftp doesn't permit remote command execution. Absent a secure shell, sftp is less secure in some ways.That's what rssh fixes; SELinux and my policy make it much more secure.
That's not really a response to "Absent a secure shell, sftp is less secure in some ways." I know about rssh, and it's good that sftp can be secured. It's bad that it's not secure by default.
Aaron
[Prev in Thread] | Current Thread | [Next in Thread] |