[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: denial-of-service attack prohibits all users from creating new

From: Larry Jones
Subject: Re: denial-of-service attack prohibits all users from creating new
Date: Tue, 1 Jun 2010 15:47:04 -0400

Bruno Haible writes:
> The common point between these reports is that they use the 'autopoint'
> program (part of GNU gettext), which uses the 'cvs' program to extract
> particular versions of files from an archive, and the error message
>   cvs [init aborted]: Cannot initialize repository under existing CVSROOT

Are these users actually working in a subdirectory of an existing CVS
repository or is this a false positive?  If it's the former, it's an
incredibly stupid thing to do and they should be told so -- the
repository is only for CVS internal files, not arbitrary files.  If it's
the latter, I'd like to know why they have a CVSROOT subdirectory in
their current working directory or an ancestor of it (the error message
should indicate the offending directory) and what's in that

It sounds to me like they shot themselves in the foot and are now
complaining to you about it.
Larry Jones

Physical education is what you learn from having your face in
someone's armpit right before lunch. -- Calvin

reply via email to

[Prev in Thread] Current Thread [Next in Thread]