info-cvs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Moving to Pserver from .rhosts

From: Mike Ayers
Subject: Re: Moving to Pserver from .rhosts
Date: Fri, 15 Nov 2002 22:12:38 -0800
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.1) Gecko/20020826 
Greg A. Woods wrote:

[ On Friday, November 15, 2002 at 11:17:10 (-0800), Shankar Unni wrote: ]


Subject: RE: Moving to Pserver from .rhosts

Greg opines:



Then you have no accountability in your CVS repository.  None.


You have as much accountability as you have from ssh and the passwd
file: you know the name of the person (from the pserver passwd file),
and that is recorded in the repository.


No you don't.  CVS is not a security application.  It was not designed
to be one and it cannot ensure any (i.e. not any at all) level of
accountabilty.  None whatsoever.  Nil.  Zilch.  Zip.  Zero.  Negative even.

If you think otherwise you are sadly mistaken and seriously fooling
yourself into a complete and utterly false sense of security.



        Stupid questions for blowhards time:
When did anyone in this thread actually *ask* how to secure their CVS server? 


/|/|ike
reply via email to
[Prev in Thread] Current Thread [Next in Thread]