[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: CVS, RSH and direct access to repository

From: Jim.Hyslop
Subject: RE: CVS, RSH and direct access to repository
Date: Fri, 16 Jan 2004 13:41:04 -0500

Mark D. Baushke [mailto:address@hidden wrote:
> However, under the :pserver: method, the password is kept trivially
> encoded both on your desktop (in $HOME/.cvspass) and on the server (in
> CVSROOT/passwd).
Just a minor correction: the passwords in CVSROOT/passwd are much more
securely - CVSROOT/passwd uses the same encryption algorithm as is used for
/etc/passwd (the documentation even mentions pasting the entries from
/etc/passwd to CVSROOT/passwd).

Of course, the rest of the security chain contains all the other weak links
you mentioned, so this does not affect any of the other concerns you raised.

Jim Hyslop 
Senior Software Designer 
Leitch Technology International Inc. (<>) 
Columnist, C/C++ Users Journal (<>) 

reply via email to

[Prev in Thread] Current Thread [Next in Thread]