[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security aspect in CVS

From: Greg A. Woods
Subject: Re: Security aspect in CVS
Date: Wed, 24 Apr 2002 13:34:38 -0400 (EDT)

[ On Wednesday, April 24, 2002 at 17:01:19 (+0530), Sumit Mandal wrote: ]
> Subject: Security aspect in CVS
> I have recently installed the CVS NT Server in Windows 2000 Server Edition.I 
> am using WinCVS 1.3 client.They work fine.To implement CVS at organizational 
> level,I am exploring CVS and all its features.I have the following queries 
> from security point of view :

Please wrap long lines at less than 80 characters!!!!!
(and please put spaces after punctuation marks!)

You're probably asking on the wrong list -- info-cvs is primarily about
generic CVS issues and CVS on unix.....

> How to give read access to a particular module ?

Presuming you're asking how to give read-only access to a specific
module and/or specific set of users, then I don't know if that can be
done on NT/Windoze-2K.

> How can I prevent a module to be checked out from the client end(say the 
> CVSROOT module which I do not any one to access other than the Administrator) 
> ?

You should probably consider hosting your repository on a unix-based
server and using real system accounts for every user (and
administrator), and using SSH to access the server from "remote"

> How can I prevent a particular file to be checked in by a user, in cases 
> where we want to restrict check-in ?

If your repository were hosted on unix then you could control access to
all the files in a given directory based on the group membership of the

> I am using pserver protocol.

There is no security in the pserver protocol (or the server
implementation) beyond what's minimally necessary for anonymous
read-only access to CVS.

> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

Please DO NOT EVER send HTML, rich text, or otherwise stylized e-mail,
especially not to me or to any public mailing list.  Not all mail
readers will recognize such formats.  HTML in particular is a potential
security threat and many firewalls filter it entirely -- especially
since CERT and Microsoft recently anounced a very major flaw in the HTML
rendering engine used in all Microsoft products.  Please send all your
messages as plain text only.

                                                                Greg A. Woods

+1 416 218-0098;  <address@hidden>;  <address@hidden>;  <address@hidden>
Planix, Inc. <address@hidden>; VE3TCP; Secrets of the Weird <address@hidden>

reply via email to

[Prev in Thread] Current Thread [Next in Thread]