[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Remote cvs and security

From: Greg A. Woods
Subject: RE: Remote cvs and security
Date: Mon, 10 Sep 2001 18:10:53 -0400 (EDT)

[ On Monday, September 10, 2001 at 14:22:25 (-0700), Josh Baudhuin wrote: ]
> Subject: RE: Remote cvs and security
> Well, pserver + CVSROOT/passwd is one thing, but using pserver with the
> default authentication of the system isn't so bad. Passwords are stored
> in the same way that /etc/passwd encrypts them. 

I suppose that's fine if you've got a 100% private and 100% trusted
(Virtual) Private Network, and you 100% trust all the clients on that
network, and provided that you don't need any real security.

CVS pserver with CVSROOT/passwd is a security nightmare otherwise.  It
realy has no valid justification to exist at all and should be
eliminated because even on a 100% trusted VPN the alternatives are
still infinitely better from a security perspective (there's absolutely
no accountability with pserver).

                                                        Greg A. Woods

+1 416 218-0098      VE3TCP      <address@hidden>     <address@hidden>
Planix, Inc. <address@hidden>;   Secrets of the Weird <address@hidden>

reply via email to

[Prev in Thread] Current Thread [Next in Thread]