[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How best to secure CVS?

From: Larry Jones
Subject: Re: How best to secure CVS?
Date: Thu, 8 Nov 2001 11:00:22 -0500 (EST)

Greg A. Woods writes:
> [ On Wednesday, November 7, 2001 at 12:36:15 (-0800), Villalovos, John L 
> wrote: ]
> > Subject: How best to secure CVS?
> >
> >  Can a user who has a CVS account gain root
> > access on a system running pserver?
> That's less likely, but not the real point of CVS security. 

If you use pserver and don't correctly protect the CVSROOT/passwd file,
it's trivially easy.

The bottom line is that there are lots of different kinds of security
and you need to decide exactly what it is that *you* mean by it before
you can make any kind of decisions about whether a particular use of CVS
is/isn't, or can/can't be made, "secure".

-Larry Jones

Let's just sit here a moment... and savor the impending terror. -- Calvin

reply via email to

[Prev in Thread] Current Thread [Next in Thread]