info-cvs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PServer authentication

From: Derek R. Price
Subject: Re: PServer authentication
Date: Tue, 17 Oct 2000 13:44:00 -0400 
Larry Jones wrote:

> Mike Castle writes:
> >
> > I was always under the impression the those using OpenBSD were doing so for
> > security reasons.  And pserver is far from secure!
>
> As long as all the users have shell accounts on the server, a typical
> pserver installation won't allow them to do anything they couldn't do
> from the shell account.  pserver is only a security problem when you
> want to allow access to untrusted users.

That's assuming that the user can't write to the CVSROOT directory.  Anyone who
can write or overwrite the CVSROOT/passwd file can give themselves root if your
cvs installation is running as root.  If you run pserver as some other user
that's not a problem.

Derek

--
Derek Price                      CVS Solutions Architect ( http://CVSHome.org )
mailto:address@hidden     OpenAvenue ( http://OpenAvenue.com )
--
Travel advisories - Alaska:  Tourists are warned to wear tiny bells on
their clothing when hiking in bear country.  The bells warn away MOST
bears.  Tourists are also cautioned to watch the ground on the trail,
paying particular attention to bear droppings, to be alert for the
presence of Grizzly Bears.  One can tell Grizzly droppings by the tiny
bells in them.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]