info-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security, audits and pserver


From: Noel Yap
Subject: Re: Security, audits and pserver
Date: Thu, 12 Dec 2002 09:46:08 -0800 (PST)

--- "CHARLES HART, BLOOMBERG/ 499 PARK"
<address@hidden> wrote:
> um, I'm a newbie at CVS, so I've read more of the
> documentation than anything
> else, but the answers I've seen so far for the
> security question seem to have
> missed one vital point.  People have write access to
> spots in the repository,
> therefore they, just like CVS, can write as they
> please to the ,v files. That
> means that there is no guarentee that the history
> that is present in the
> repository reflects the actual events in history. 
> This hole, even if it is not
> exploited in an organization because everybody is
> "good", is still a hole, and
> won't pass an audit.  What I'll be testing next
> week, is a CVS server where no
> "users" exist in /etc/passwd, and all access rights
> are granted through pserver
> mapping CVS user IDs to security accounts. The admin
> can still bypass audit
> controls, but that's better than having my 1,000
> users being enabled to. -CTH

SSH (at least SSH2) can be configured in such a way
that only CVS can be executed with a particular key
pair.  I think this means that one would need to
subvert CVS or SSH in order to manipulate the info
within the ,v files.

I've never used chroot'ed anything so I'm not sure if
a chrooted CVS will help prevent direct repo access
but it may still be worth looking into.

HTH,
Noel


__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com



reply via email to

[Prev in Thread] Current Thread [Next in Thread]