Return-Path: 
 <geronimo-dev-return-5266-apmail-incubator-geronimo-dev-archive=incubator.apache.org@incubator.apache.org>
Delivered-To: apmail-incubator-geronimo-dev-archive@www.apache.org
Received: (qmail 85498 invoked from network); 26 Nov 2003 02:39:43 -0000
Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12)
  by minotaur-2.apache.org with SMTP; 26 Nov 2003 02:39:43 -0000
Received: (qmail 85570 invoked by uid 500); 26 Nov 2003 02:38:56 -0000
Delivered-To: apmail-incubator-geronimo-dev-archive@incubator.apache.org
Received: (qmail 85509 invoked by uid 500); 26 Nov 2003 02:38:55 -0000
Mailing-List: contact geronimo-dev-help@incubator.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:geronimo-dev-help@incubator.apache.org>
list-unsubscribe: <mailto:geronimo-dev-unsubscribe@incubator.apache.org>
list-post: <mailto:geronimo-dev@incubator.apache.org>
Reply-To: geronimo-dev@incubator.apache.org
Delivered-To: mailing list geronimo-dev@incubator.apache.org
Received: (qmail 85495 invoked from network); 26 Nov 2003 02:38:55 -0000
Received: from unknown (HELO mail.devtech.com) (66.112.202.2)
  by daedalus.apache.org with SMTP; 26 Nov 2003 02:38:55 -0000
Received: from localhost ([127.0.0.1])
          by mail.devtech.com (JAMES SMTP Server 2.2.0-dev) with SMTP ID 483
          for <geronimo-dev@incubator.apache.org>;
          Tue, 25 Nov 2003 21:39:02 -0500 (EST)
From: "Noel J. Bergman" <noel@devtech.com>
To: <geronimo-dev@incubator.apache.org>
Subject: RE: [committers] can you build the website?
Date: Tue, 25 Nov 2003 21:39:03 -0500
Message-ID: <NBBBJGEAGJAKLIDBKJOPMEMJFJAB.noel@devtech.com>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0)
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Importance: Normal
In-Reply-To: 
 <OF52F22EFE.DB103A5B-ONCA256DEA.00033898-CA256DEA.00041A27@multitask.com.au>
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N

> > 2 - Security:
> >      Sites should never be pushed on the main site but pulled from
> >      it. This is for security reasons, so that a cron job can be made
> >      to update the site from a staging server without any access to the
> >      server machine.

> Huh? Sites are pushed on the main server all the time using Maven. What's
> the issue with that from a security perspective? All communications is
> done over SSH...

Missing context: he was thinking of the situation where someone had a public
server with an SSH private key for doing this.  No problem if someone pushes
content from their personal machine somewhere, at least security-wise.

	--- Noel