[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How best to secure CVS?

From: Greg A. Woods
Subject: Re: How best to secure CVS?
Date: Wed, 7 Nov 2001 19:46:44 -0500 (EST)

[ On Wednesday, November 7, 2001 at 12:36:15 (-0800), Villalovos, John L wrote: 
> Subject: How best to secure CVS?
> I was wondering if there was information out there on how best to secure
> CVS?

Use the ":ext:" method with SSH.

> How secure is the pserver mode?

Not.  None.  Zero.  Zip.

>  Can a user who has a CVS account gain root
> access on a system running pserver?

That's less likely, but not the real point of CVS security. 

> I am not concerned with the passwords being passed in the clear because I am
> using STUNNEL for the pserver protocol.

That's only a very tiny part of the picture....

> How useful is it to setup a chroot environment?

Why bother?  Give everyone real accounts and use accountability
mechanisms to ensure nobody does anything they shouldn't (at least not
without getting caught and properly reprimanded for).

                                                        Greg A. Woods

+1 416 218-0098      VE3TCP      <address@hidden>     <address@hidden>
Planix, Inc. <address@hidden>;   Secrets of the Weird <address@hidden>

reply via email to

[Prev in Thread] Current Thread [Next in Thread]