info-cvs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security options :-(

From: Greg A. Woods
Subject: Re: Security options :-(
Date: Tue, 17 Dec 2002 17:38:38 -0500 (EST) 
[ On Tuesday, December 17, 2002 at 08:44:26 (-0500), Phil R Lawrence wrote: ]
> Subject: Security options :-(
>
> Method 1
>    description:
>    - users SSH into existing accounts.
>    - repository has group permissions that allow users to
>      check in and out, etc.
> 
>    drawback:
>    - users can modify the history files, because they are
>      located in the same dir as source files.  Audit function
>      is thus compromised.

The auditability of accesses to your repository ,v files is limited only
by the facilities provided in your host operating sytem.  A system with
full "C2" level security features will give you all the auditing
features you desire.

Users can still modify the files by subverting CVS, but at least with
SSH and proper system accounts they must do so with their own
credentials -- they cannot spoof other users.  Though of course they
could violate other user's accounts by cracking a password or key or
stealing access to an unattended session -- but again the big stick
mechanism, along with a good security awareness program is your best
defense.

In the mean time with ordinary Unix security features you can also use a
big stick and minimal auditing of SSH log events to ensure that your
users never actually use shell access on the CVS server host and thus
ensure that all access to the repository files is done via CVS.  Of
course you still need a good security awareness program for user, a good
understanding of SSH security, and external 

-- 
                                                                Greg A. Woods

+1 416 218-0098;            <address@hidden>;           <address@hidden>
Planix, Inc. <address@hidden>; VE3TCP; Secrets of the Weird <address@hidden>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]