[SAC] Re: Subject: [Technical Problem] can't register on trac
Frank Warmerdam
warmerdam at pobox.com
Tue Apr 10 02:38:48 EDT 2012
On 12-04-09 11:00 PM, Martin Spott wrote:
> On Mon, Apr 09, 2012 at 05:25:35PM -0700, Frank Warmerdam wrote:
>
>> I have, for the time being, re-enabled the new user script. You might
>> want to use it promptly before Martin disables it again.
>
> No, I won't disable it again. Anyhow I'd like to remind that, by
> running this setup, you/we are putting the crown jewels of OSGeo's
> authentication system at risk.
...
> Setting up cool stuff is one side of the medal, maintaining the stuff
> is the other side.
Martin,
First, it isn't like I dropped in to have the fun of writing these
scripts and then rocketted away to do my next fun thing somewhere
else. I wrote the LDAP interface scripts to fulfill need(s) that
no one else filled, and then I babied them along over the following
years.
When we moved the LDAP server from osgeo1 to the secure VM I had hoped
to also move the LDAP interface scripts there, but was told that it was
too insecure to run an http server on that system. I might have left them
on osgeo1 until a more suitable home was found, but I vaguely recall that
osgeo1 was no longer able to reach the LDAP server in a way suitable for
the scripts after the migration so they had to be moved somewhere.
I *am* aware the webextra server isn't particularly secure but I don't
have a particularly good solution within my skill set. Frankly I think
the right solution is to run some sort of minimum exposure http server
on the secure VM but I have tried to respect the ruling of whoever forbade
running a web server there.
I wish your tone didn't always didn't always paint me in the light of
being lazy and stupid - even if you are convinced that is the case.
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam at pobox.com
light and sound - activate the windows | http://home.gdal.org/warmerda
and watch the world go round - Rush | Geospatial Software Developer
More information about the Sac
mailing list