[distcc] Security again

Dan Kegel dank at kegel.com
Sat Apr 3 07:03:04 GMT 2004

http://distcc.samba.org/security.html gives a good overview of
distcc's security situation.
Apple's Rendezvous patches, I believe, open up even more security holes.

Kerberos is fairly widely deployed (at least by Active Directory).
It is somewhat tempting to kerberize distcc to try to protect
the distcc servers from being hacked by unauthorized users' input,
and to ssl-enable distcc to try to protect authorized users' source
code from prying eyes.

It would be nice if we could secure distcc without slowing it down,
as I believe ssh does.
To avoid the overhead of repeatedly starting up ssl/ssh connections
and authenticating, it might be nice to cache connections for
reuse.  That'd mean having a resident connection daemon which either
acts as a proxy, or just passes an already-open socket to
the distcc client on request, and accepts it back from the client when it's done.
I suspect this can't be done efficiently without cooperation
from both distcc and distccd.

I'll probably think about this for a while before proposing anything real...
- Dan

My technical stuff: http://kegel.com
My politics: see http://www.misleader.org for examples of why I'm for regime change

More information about the distcc mailing list