[aur-general] Git over HTTPS
grazzolini at gmail.com
Tue Jun 16 19:30:43 UTC 2015
Em 16-06-2015 14:20, Alan Jenkins escreveu:
> Also may I remind you that the focus of this conversation is allowing users
> in corporate environments access to be able to contribute to the AUR. These
> environments block SSH for multiple reasons but are able to allow HTTPS as
> they are able to more tightly regulate it.
There are literally tons of ways to tunnel out of a network. SSH is just
one of them. Instead of blocking anything, network admins should monitor
the traffic using netflow, and set alarms when too much data is leaving
the network. That would prevent a lot of data breaches. Or at least
minimize their impact.
Expecting to block something to avoid information breach, or any other
kind of data theft is dumb. Also, come on people. It's 2015. Doesn't
everybody also have a machine at home?
More information about the aur-general