[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New update to the CVS ACL patch to support user groups

From: minyard
Subject: Re: New update to the CVS ACL patch to support user groups
Date: 25 Jul 2001 09:06:29 -0500

address@hidden (Greg A. Woods) writes:

> [ On Wednesday, July 25, 2001 at 13:24:43 (+1000), Ellison, Martin [IT] 
> wrote: ]
> > Subject: RE: New update to the CVS ACL patch to support user groups
> >
> > My understanding is that this allows the users direct access to the
> > repository (*,v) files. Correct?
> Not explicitly, no.

If you want to use filesystem ACLs and you want the users to be able
to manipulate them, then explicitly yes.  The users have to be able to
run the commands to modify permissions/ownership on those files.  They
also need to be able to change their password and install ssh keys.

> Unfortunately CVSpserver is totally insecure.  It offers absolutely no
> secure accountabilty (which allows redirection of blame), provides no
> real network security (it's just a plain clear-text TCP connection), and
> worst of all it affords no protection whatsoever from a dedicated
> attacker since CVS itself is not internally secure.  CVS was not
> designed and implemented to be run in the "pserver" style of operation
> and be made responsible for authentication and authorisation as well as
> auditing -- it was designed and implemented only to be run by users
> authorised and authenticated by the underlying operating system.
> CVSpserver should be ripped out of CVS and left behind as a futile
> failed experiment.  There was never any real reason for it in the first
> place (just short-sightedness), and there's even less reason for it now
> in a day when secure external network acess protocols such as SSH are
> widely implemented.

I'm not sure what you mean by "secure accountability", are you talking
about general C2-like audit trails, or are you thinking of something
specific with CVS?

Where is CVS internally insecure?  Is this just theoretical because it
wasn't designed that way, or do you know of specific weaknesses?

The network security is certainly a problem with pserver.  You
shouldn't use it on an untrusted network right now.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]