bug-cvs

Re: denial-of-service attack prohibits all users from creating new


From: Larry Jones
Subject: Re: denial-of-service attack prohibits all users from creating new
Date: Wed, 2 Jun 2010 20:38:00 -0400

Todd Denniston writes:
> 
> Actually we are probably looking at naive users who used too little
> imagination in creating the directory they feed into the $CVSROOT
> variable, i.e., they did (at least at one time)
> export CVSROOT=/a/directory/somewhere/on/mymachine/CVSROOT

Hmmm, I hadn't considered that the problematic CVSROOT directory might
actually be the root of a repository.  If that's the case, the users
should rename the directory to something else since it will cause
problems in the future (and is seriously confusing to boot).

> i.e. CVS lets you do the following without complaint:
> cd /tmp/
> cvs -v # Concurrent Versions System (CVS) 1.11.22 (client/server)
> mkdir CVSROOT
> cvs -d /tmp/CVSROOT/ init

Not any more -- that triggers the "Cannot initialize repository under
existing CVSROOT" message that we're discussing.

> Also in my copy of the cederqvist, which is admittedly cederqvist-1.11.23 a
> bit old, the section F.1 "Partial list of error messages" is partial enough
> that it does not contain any text along the lines of:
> cvs [init aborted]: Cannot initialize repository under existing CVSROOT: `ProblemDir'

Good point -- that seems to have been overlooked when the message was
added.  I'll add something about it.
-- 
Larry Jones

Rats.  I can't tell my gum from my Silly Putty. -- Calvin


