info-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Remote cvs and security


From: David Fuller
Subject: Re: Remote cvs and security
Date: Mon, 10 Sep 2001 12:10:49 -0400

Look in the archives for this message:

Subject: CVS passwd patch
Date:    Thu, 16 Aug 2001 08:50:32 -0400

This patch offers one solution.

If you are paranoid about security then I recommend you also disconnect
your computer from the internet, remove any floppy drives, cd burners,
zip drives, etc.  Then seal the whole thing in 4 feet of concrete and
lock it up in a vault.  That should resolve any security concerns you
have.

Oh yeah, you could also use the nearly equally insecure ssh.

-- David F.

> Colin Bester wrote:
> 
> I was wondering what advice can be given to tighten security on a
> remote repository.
> 
> Creating CVSROOT/passwd file is fine for attempting to protect users
> system passwords, but still leaves the repository vunerable itself.
> 
> Getting cvs password seems to be a cinch and then all ones code is up
> for grabs - not a very nice picture.
> 
> I would appreciate some pointers and advice
> 
> Also is there a convenient way to search archives for previous
> discussions - I might have missed it.
> 
> Thanks
> 
> Colin Bester    address@hidden



reply via email to

[Prev in Thread] Current Thread [Next in Thread]