[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Proposal to Remove Commit/Update-Prog Functionality

From: Karl Fogel
Subject: Re: Proposal to Remove Commit/Update-Prog Functionality
Date: 16 Jan 2003 10:24:33 -0600
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3.50

Derek Robert Price <derek@ximbiot.com> writes:
> I don't hear much about anyone who uses this functionality and it is a
> fairly major security hole in CVS, effectively allowing any client
> with write access to execute arbitrary code on a CVS server, so I am
> proposing the functionality be removed.
> Please note that  I am proposing that the Checkin-prog and Update-prog
> commands be removed from the CVS protocol.  This is different from the
> *info scripts that can be specified by the CVS administrator to run
> scripts at update and checkout.
> Alternately, if there are major objections to this, the code could be
> #ifdef'd or options provided in the CVSROOT/config file to enable the
> functionality, but I'd prefer to disable it.

Sounds like a very good idea!  I doubt most people even know they're
there, let alone uses them.

At the very least, let's make sure they're #ifdef'd out of the default
server build.  (But I think Derek's first idea of just removing them
from the protocol entirely is best.)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]