info-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CVS security question


From: Mark D. Baushke
Subject: Re: CVS security question
Date: Tue, 03 Feb 2004 09:10:49 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Pankaj Garg <address@hidden> writes:

> I am a new user of CVS. I setup CVS server on my linux box. I want two users
> to have check-in access to my repository and i want to use SSH. To use SSH i
> need to make shell accounts for those two users. Now because these two users
> have shell account and have write access to my repository, they can
> essentially login in my CVS server box and do an rm -fR on my whole
> repository. Is there a way to prevent this?

This topic has been recently discussed. See the thread starting here:
  http://mail.gnu.org/archive/html/info-cvs/2004-01/msg00188.html

Note that you can also make "anonymous cvs" access available via SSH if
you wish. Details are listed here in this article by Joey Hess:

  http://www.kitenet.net/~joey/sshcvs/

(a copy of it may also be found here if the first site is busy or down):

  http://www.blacksheepnetworks.com/security/resources/sshcvs/

        Enjoy!
        -- Mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQFAH9YY3x41pRYZE/gRAhr0AJ9bqCrTBdBflwoUfF+zEs40wk3CHwCgma/8
1tkWzfJy7h17burPL9mM7x8=
=fsNR
-----END PGP SIGNATURE-----




reply via email to

[Prev in Thread] Current Thread [Next in Thread]