[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ANN: cvssh - secure ext-to-pserver bridge
From: |
Greg A. Woods |
Subject: |
Re: ANN: cvssh - secure ext-to-pserver bridge |
Date: |
Fri, 25 Jan 2002 15:47:23 -0500 (EST) |
[ On Friday, January 25, 2002 at 11:30:27 (-0800), Paul Sander wrote: ]
> Subject: Re: ANN: cvssh - secure ext-to-pserver bridge
>
> CVS' pserver mode implements its own security. It's up to the CVS
> developers and the pserver mode users to decide if the security is
> good enough.
And there's where your fatal flaw lies. CVS cannot, by design *and*
implementation, possibly securely implement any even reasonable level of
authentication and authorisation service. Period. CVS pserver
is good enough only for totally anonymous (and presumably read-only)
access, and _NOTHING_ more.
CVS pserver _MUST_ die. It should never ever have been publically
released. It is flawed by design. A secure implementation is
impossible.
--
Greg A. Woods
+1 416 218-0098; <address@hidden>; <address@hidden>; <address@hidden>
Planix, Inc. <address@hidden>; VE3TCP; Secrets of the Weird <address@hidden>
- Re: ANN: cvssh - secure ext-to-pserver bridge, (continued)
- Re: ANN: cvssh - secure ext-to-pserver bridge, Greg A. Woods, 2002/01/23
- Re: ANN: cvssh - secure ext-to-pserver bridge, Paul Sander, 2002/01/24
- Re: ANN: cvssh - secure ext-to-pserver bridge, Greg A. Woods, 2002/01/24
- Re: ANN: cvssh - secure ext-to-pserver bridge, Paul Sander, 2002/01/24
- Re: ANN: cvssh - secure ext-to-pserver bridge, Greg A. Woods, 2002/01/24
- Re: ANN: cvssh - secure ext-to-pserver bridge, Michal Wallace, 2002/01/24
- Re: ANN: cvssh - secure ext-to-pserver bridge, Greg A. Woods, 2002/01/25
- Re: ANN: cvssh - secure ext-to-pserver bridge, Paul Sander, 2002/01/25
- Re: ANN: cvssh - secure ext-to-pserver bridge, Greg A. Woods, 2002/01/25
- Re: ANN: cvssh - secure ext-to-pserver bridge, Paul Sander, 2002/01/25
- Re: ANN: cvssh - secure ext-to-pserver bridge,
Greg A. Woods <=
- Re: ANN: cvssh - secure ext-to-pserver bridge, Paul Sander, 2002/01/26