Re: Any plan to merge cvspwd into cvs?

From: Norberto Meijome
Subject: Re: Any plan to merge cvspwd into cvs?
Date: Wed, 08 May 2002 15:38:49 +1000

Ben Kial wrote:

Here is what I set up for the CVS server. Please advise any weakness...

  - In my Unix server, a "cvsuser" group is created with two users
    "cvsadmin" and "cvsguest".  They (and "root", of course :-) are
    the only users in the entire Unix server.


With the above settings, "cvsguest" is the Unix account shared by all
CVS users (i.e. its password is known to all CVS users). The security
of the system is based on the following assumptions (criticize if you
see any problem...)

  - "cvspwd" makes sure that only "cvsadmin" can create/delete CVS
    users (I know this because I tried to log in to Unix as
    "cvsguest" and cannot create a CVS user using "cvspwd")

  - A CVS user can only change his CVS :pserver password by logging in
    to the Unix server as "cvsguest" and typing "cvspwd <CVS User
    Name>". "cvspwd" will first ask you to type in the correct
    password of the CVS user.

You may also want to make doubly sure your CVS config file says

otherwise anyone can use your Unix cvsguest acct. to access the repository, bypassing any user accounts you've got set up.
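
Added example, not part of either message: the setting named in the reply did not survive in this archived copy, so the script below assumes it is CVS's `SystemAuth` option in `CVSROOT/config` and reports whether pserver logins are confined to `CVSROOT/passwd`. The function names and the sample config files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes the option meant is CVS's
# SystemAuth in CVSROOT/config; function names and sample files are constructed.

# Print the effective SystemAuth value for a CVSROOT/config file.
# CVS treats a missing or commented-out key as "yes" (fall back to the
# system password database when a user is not in CVSROOT/passwd).
effective_systemauth() {
    # Only uncommented "SystemAuth=value" lines count; the last one is used.
    v=$(sed -n 's/^SystemAuth=//p' "$1" 2>/dev/null | tail -n 1 | tr -d '\r')
    echo "${v:-yes}"
}

# Succeed only when pserver logins are restricted to CVSROOT/passwd.
systemauth_disabled() {
    [ "$(effective_systemauth "$1")" = "no" ]
}

# Constructed sample configs covering the cases an audit has to tell apart.
demo_dir=$(mktemp -d)
printf '# SystemAuth=no\n' > "$demo_dir/commented"
printf 'SystemAuth=yes\n' > "$demo_dir/explicit_yes"
printf '#SystemAuth=yes\nSystemAuth=no\n' > "$demo_dir/hardened"

# "missing" is deliberately not created: an absent file means the default.
for f in commented explicit_yes hardened missing; do
    if systemauth_disabled "$demo_dir/$f"; then
        echo "$f: OK, pserver users must be listed in CVSROOT/passwd"
    else
        echo "$f: WARNING, system accounts can log in through pserver"
    fi
done
rm -rf "$demo_dir"
```

Only the `hardened` sample passes; a commented-out line or an absent file leaves the default in effect, which is the case where a shared Unix account such as "cvsguest" is accepted by pserver.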


