[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Xen-devel] LXR-type source code browsing



> I've never been very convinced about the security of LXR. Do you reckon
> we'd get away with running one on the public internet? Do you know
> whether lxr.linpro.no have had problems?

Offhand I'm not aware of any, though they have occasionally pushed updates 
that remove vulnerabilities (i.e., version 0.3.1, Mar 2003).  The 
lxr.linpro.no site replaced what used to be lxr.linux.no site [for what 
seems to be bandwidth-related reasons], and they have an LXR repository 
hosted at mozilla.org -- both are popular sites, so my guess is security 
problems would crop up more often if LXR was indeed prone to them.

As you point out, Xen provides an ideal environment for opening access to 
a sandboxed LXR webserver.  :-)

What is the timeline for deploying the new server?  Access to the LXR 
repository is something I would find immediately useful.

JLG

P.S. Is there a problem with the mail at sourceforge?  My posts to 
xen-devel made it out immediately in December, but today the lag is 45 
minutes or more.



-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.