
Re: cvs commit as root


From: Harry Putnam
Subject: Re: cvs commit as root
Date: Sat, 08 Dec 2001 15:27:11 -0800
User-agent: Gnus/5.090004 (Oort Gnus v0.04) Emacs/21.1 (i586-pc-linux-gnu)

address@hidden (Larry Jones) writes:

> Harry Putnam writes:
>> 
>> No, this connection is over ssh using CVS_RSH set to ssh and the ext
>> syntax. Like:
>> 
>>    cvs -d :ext:HOST:/usr/local/cvsroot
>> 
>> I don't actually use that syntax on the command line.  I think it just
>> happens because I have $CVSROOT set to the machine with the cvsroot
>> files (CVSROOT=HOST:/usr/local/cvsroot) and CVS_RSH set to
>> CVS_RSH=/usr/local/bin/ssh
>
> There's never any reason to run the server as root.  Add -l to your
> CVS_RSH to run as a non-root user on the server:
>
>       CVS_RSH="/usr/local/bin/ssh -l joe"

I haven't tried this yet but it looks like the thing that has been
missing. But at the risk of seeming to pound this to death, just at
first blush it seems this would mean that the files in /usr/local/cvsroot
would have to belong to `joe' or a group `joe' is part of.

I'm not currently doing what I describe below but have considered it
for security reasons.  And in fact have felt somewhat exposed because
the files under /usr/local/cvsroot on the server are not root owned.

Like I mentioned, this is a single user system, but in the event a
script kiddie got in, I think I would want those files to be under
root protection.  (Of course, if someone takes root, all bets are off.)

As pointed out in this thread earlier, some of the files in
/usr/local/cvsroot are files that would normally have root-only
ownership/group, and some of them would be chmod 600 or 700 to
boot.

If those files are kept under root's protection then `joe' would not
be able to access them ... correct?

Further, if files on the local machine's checked out module are under
root protection then an `update' by `joe' wouldn't overwrite them
would it?

Or if Joe tries to check out a module when in / or some other root
only directory, he won't be able to, right?

One last thing that doesn't seem to add up here.  If su'ing with no `-'
is ok for cvs, how is it not ok as `su -'?  Seems the same kind of
problems would obtain in either case.
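The question above, whether `joe' can still reach root-owned or mode 600/700 files under the repository once CVS_RSH is `ssh -l joe', can be settled on the server before switching. This is an added example, not code from the thread: a small POSIX sh function that walks a repository root (path is an assumption, pass your own) and reports every file or directory the current account cannot read or write, with mode and owner so the cause is visible.

```shell
# Added example (not from the thread). Run on the CVS server as the
# account that `CVS_RSH="ssh -l joe"` will log in as, e.g.:
#   cvsroot_access_check /usr/local/cvsroot      # repository path is an assumption
# Checkout needs read access to every directory and ,v file; commit
# additionally needs write access to the directories holding them.
cvsroot_access_check() {
    repo="$1"
    [ -d "$repo" ] || { echo "no such directory: $repo" >&2; return 2; }
    # Visit every directory and regular file beneath the repository root.
    find "$repo" \( -type d -o -type f \) -print | while IFS= read -r path; do
        if [ ! -r "$path" ]; then
            status=unreadable          # checkout/update will fail here
        elif [ ! -w "$path" ]; then
            status=read-only           # commit/lock creation will fail here
        else
            continue                   # fully accessible, nothing to report
        fi
        # Mode, owner and group from ls, so the report shows why access failed.
        info=$(ls -ld "$path" | awk '{print $1, $3, $4}')
        printf '%-10s %s %s\n' "$status" "$info" "$path"
    done
}
```

An empty report means the account has full access to the repository; as root, every path is accessible and the report is always empty.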

