[Support-mirrors] mirror setup questions
Vince Hoang
vince at litrium.com
Tue Jan 17 14:32:47 EST 2006
I am interested in helping mirroring RubyForge. I like the idea
of using a mirror master to offloa the bandwidth requirements to
a faster host, but would greatly prefer pulling the mirror than
having it pushed.
With the current URL schema of
http://mirror/projectname/filename, would I need to setup a
separate virtual host for it, rather than use something like
http://mirror/rubyforge/projectname/filename?
Lastly, I believe the documented rsync setup leaves the
mirror vulnerable to malicious behavior. The 'hosts allow'
option should only list IP addresses. If I know the contents
of the rsync.secret file, I can resolve my IP address to
rubyforge.lauschmusik.de and overwrite the contents of any mirror
that uses the listed configuration:
[file-mirror]
path = /var/www/rubyforge/htdocs
auth users = rubyforge
secrets file = /var/www/rubyforge/etc/rsync.secrets
hosts allow = rubyforge.lauschmusik.de
hosts deny = *
-Vince
More information about the Support-mirrors
mailing list