Re: [PHP-DEV] CVS Account Request From: André Langhorst (A.Langhorst <email protected>)
Date: 11/15/00

> Security (and safety) are relative terms, they're never absolute.

anyway, an improvment over the current situation will be to limit "web"
cvs access to as few people as possible to avoid beeing "hacked" and
slashdotted afterwards, eg.
"surprisingly php releases a new verison - PHP 5 (3xt3nD4d) - featuring
warez, porn and building bombs"
guessing a private "hacker" does it would not generate any positive
effect for PHP I think :)

Remembering, 2 month ago, I was *really* surprised when Rasmus told me
to make changes to the php website myself, sure - I've had CVS access
and sure "phpweb" is in the CVS list, but I wouldn't have thought to
have access to the site itself, ok. - perhaps he knew I would not do any
harm, but anyone with CVS access could have tried if access is possible
editing the "links" section and then shut down the whole site while
rasmus is sleeping replacing it with anything else...

this should be done as fast as possibe (guessing the enemy is listening ;) )

andré 

-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: php-dev-unsubscribe <email protected>
For additional commands, e-mail: php-dev-help <email protected>
To contact the list administrators, e-mail: php-list-admin <email protected>