[LINK] Wikileaks mirrors, recap and update
Rick Welykochy
rick at praxis.com.au
Tue Dec 7 20:27:58 AEDT 2010
Ben McGinnes wrote:
> It's worth reminding anyone considering this that the WikiLeaks
> preferred method of updating these mirror sites involves creating a
> shell account on this system. There is no statement from either
> Assange or WikiLeaks saying that use of these accounts will be limited
> to updating the mirror site.
I agree that you must really know what you are doing and understand
the security implications of allowing a WikiLeaks mirror loose on your
own server.
That said, I don't think they require a shell. Rather:
1. use RSYNC + SSH (lock the ssh session down to RSYNC only in the
ssh config file)
2. or use FTP
Not a shell in sight.
> Server administrators should think *very* carefully about the
> implications of doing this before proceeding.
Indeed. It is easy to misconfigure SSH to allow shell access
unintentionally. Also, a rogue at WikiLeaks could DoS your machine
if they wanted to, by filling up the disk. Which would not reflect
very well their organisation.
Aside: what is this enigmatic digest?
* bubblebabble digest :
+--[ RSA 2048]----+
| |
| . |
|o . . |
| = . . |
|E . . o S |
|.+ + . + |
|..B + |
|o=+o |
|B* |
+-----------------+
AFAIK, bubblebabble looks like this: ek-da-tri-nik-no-nu
cheers
rickw
>
>
> Regards,
> Ben
>
>
>
>
>
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
--
_________________________________
Rick Welykochy || Praxis Services
When the government fears the people, there is liberty.
When the people fear the government, there is tyranny.
-- Thomas Jefferson
More information about the Link
mailing list