Re: denial-of-service attack prohibits all users from creating new repos

bug-cvs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: denial-of-service attack prohibits all users from creating new repos

From:	Bruno Haible
Subject:	Re: denial-of-service attack prohibits all users from creating new repositories
Date:	Tue, 1 Jun 2010 12:15:56 +0200
User-agent:	KMail/1.9.9

Hi Mark,

> The only workaround would be to use chroot...

Nice idea. But no, 'autopoint' should not require superuser privileges to run.

> If there is sufficient demand, a '-f' option to force overwrite of an
> existing repository may be able to be added.

No one is trying to overwrite an existing repository. The problem is that the
'cvs init' command is looking at ../../../../../../.., a location far away
from the current directory in the file system, and giving it more importance
than the command line parameters.

Not "sufficient demand" so far? I have already pointed to 4 users who had the
problem.

Bruno

[Prev in Thread]

Current Thread

[Next in Thread]

Re: denial-of-service attack prohibits all users from creating new repositories, Mark D. Baushke, 2010/06/01
- Re: denial-of-service attack prohibits all users from creating new repositories, Bruno Haible <=
  - Re: denial-of-service attack prohibits all users from creating new repositories, Mark D. Baushke, 2010/06/02
    - Re: denial-of-service attack prohibits all users from creating new repositories, Bruno Haible, 2010/06/01
    - Re: denial-of-service attack prohibits all users from creating new repositories, Mark D. Baushke, 2010/06/02
    - Re: denial-of-service attack prohibits all users from creating new repositories, Bruno Haible, 2010/06/01

Prev by Date: Re: Obsolete URL in man cvs
Next by Date: Re: Obsolete URL in man cvs
Previous by thread: Re: denial-of-service attack prohibits all users from creating new repositories
Next by thread: Re: denial-of-service attack prohibits all users from creating new repositories
Index(es):
- Date
- Thread