Fossil SCM
EDITED www/server.wiki fixed formating and created ticket (I don't see the ticket in commit)
Commit
3f49a849954f0fb8c5c19cf3e80722c5efb74284
Parent
029448a39434030…
1 file changed
+6
-2
+6
-2
| --- www/server.wiki | ||
| +++ www/server.wiki | ||
| @@ -94,16 +94,20 @@ | ||
| 94 | 94 | <p> |
| 95 | 95 | At this stage, the standalone server (e.g. "fossil server") does not support SSL. |
| 96 | 96 | </p> |
| 97 | 97 | </blockquote> |
| 98 | 98 | |
| 99 | -<h2>Various security concerns with hosted repositories</h2><blockquote> | |
| 99 | +<h2>Various security concerns with hosted repositories</h2> | |
| 100 | + | |
| 101 | +<blockquote> | |
| 102 | + | |
| 100 | 103 | <p> |
| 101 | 104 | There are two main concerns relating to usage of Fossil for sharing sensitive information (source or any other data): |
| 102 | 105 | <ul> |
| 103 | 106 | <li>Interception of the Fossil synchronization stream, thereby capturing data, and |
| 104 | -</ul>Direct access to the Fossil repository on the server | |
| 107 | +<li>Direct access to the Fossil repository on the server | |
| 108 | +</ul> | |
| 105 | 109 | </p> |
| 106 | 110 | <p> |
| 107 | 111 | Regarding the first, it is adequate to secure the server using SSL, and disallowing any non-SSL access. The data stream will be encrypted by the HTTPS protocol, rendering the data reasonably secure. The truly paranoid may wish to deploy <i>ssh</i> encrypted tunnels, but that is quite a bit more difficult and cumbersome to set up (particularly for a larger number of users). |
| 108 | 112 | </p> |
| 109 | 113 | <p> |
| 110 | 114 |
| --- www/server.wiki | |
| +++ www/server.wiki | |
| @@ -94,16 +94,20 @@ | |
| 94 | <p> |
| 95 | At this stage, the standalone server (e.g. "fossil server") does not support SSL. |
| 96 | </p> |
| 97 | </blockquote> |
| 98 | |
| 99 | <h2>Various security concerns with hosted repositories</h2><blockquote> |
| 100 | <p> |
| 101 | There are two main concerns relating to usage of Fossil for sharing sensitive information (source or any other data): |
| 102 | <ul> |
| 103 | <li>Interception of the Fossil synchronization stream, thereby capturing data, and |
| 104 | </ul>Direct access to the Fossil repository on the server |
| 105 | </p> |
| 106 | <p> |
| 107 | Regarding the first, it is adequate to secure the server using SSL, and disallowing any non-SSL access. The data stream will be encrypted by the HTTPS protocol, rendering the data reasonably secure. The truly paranoid may wish to deploy <i>ssh</i> encrypted tunnels, but that is quite a bit more difficult and cumbersome to set up (particularly for a larger number of users). |
| 108 | </p> |
| 109 | <p> |
| 110 |
| --- www/server.wiki | |
| +++ www/server.wiki | |
| @@ -94,16 +94,20 @@ | |
| 94 | <p> |
| 95 | At this stage, the standalone server (e.g. "fossil server") does not support SSL. |
| 96 | </p> |
| 97 | </blockquote> |
| 98 | |
| 99 | <h2>Various security concerns with hosted repositories</h2> |
| 100 | |
| 101 | <blockquote> |
| 102 | |
| 103 | <p> |
| 104 | There are two main concerns relating to usage of Fossil for sharing sensitive information (source or any other data): |
| 105 | <ul> |
| 106 | <li>Interception of the Fossil synchronization stream, thereby capturing data, and |
| 107 | <li>Direct access to the Fossil repository on the server |
| 108 | </ul> |
| 109 | </p> |
| 110 | <p> |
| 111 | Regarding the first, it is adequate to secure the server using SSL, and disallowing any non-SSL access. The data stream will be encrypted by the HTTPS protocol, rendering the data reasonably secure. The truly paranoid may wish to deploy <i>ssh</i> encrypted tunnels, but that is quite a bit more difficult and cumbersome to set up (particularly for a larger number of users). |
| 112 | </p> |
| 113 | <p> |
| 114 |