info-cvs

Re: Security, audits and pserver


From: david
Subject: Re: Security, audits and pserver
Date: Tue, 17 Dec 2002 09:33:21 -0600 (CST)

> The advantage to chroot environments is that they can limit exposure to
> things like rogue *info scripts that might reach beyond the CVS repository.
> This is handy in the event that you store sensitive data on the machine
> in addition to the repository.
>
The repository is likely to be one of the more valuable things the
enterprise has on its computers, and so fencing everything else off
from it may not make sense.  In general, I like the idea of using a
dedicated server, used neither to store more sensitive data nor as
a computer to log into and do general work on.  While that may well
be more expensive, it allows the security to be better compartmented.

> The biggest argument in favor of user accounts is that the operating system
> is much better at authenticating users, logging their activities, and
> enforcing access controls than the CVS application is.  And if a user
> manages to break out of the application somehow, he's not anonymous and you
> know where to turn when things go bad.
>
Yup.  The other advantage of user accounts vs. pserver is the greater
security afforded the passwords.  If you're sure of the security
all the way through the system, and you are completely confident in
your developers, using pserver in a secured manner will work fine.
Most enterprises have questionable security here and there, and
potentially unreliable or even hostile developers.
 
-- 
Now building a CVS reference site at http://www.thornleyware.com
address@hidden



