info-cvs
Re: CVS security question


From: Mark D. Baushke
Subject: Re: CVS security question
Date: Tue, 03 Feb 2004 15:37:50 -0800

Pankaj Garg <address@hidden> writes:

> I wonder why CVS does not have a server which runs with SUID (Super
> User ID) and only it can access repository. Other users can login via
> SSH, verify their credentials with our CVS Server and ask CVS Server
> to carry out their requests. They can request normal repository
> operations based on their privilege. This new CVS server will give
> much better control because we can set minute details of permissions
> on repository and files inside it. In fact we can have just One
> repository in all and host multiple projects under it and give control
> of these projects to different groups of people.
>
> What's stopping people from implementing this?

You should be able to implement it if it will meet your needs.

Something like the second-to-last paragraphs of this message:
  http://mail.gnu.org/archive/html/info-cvs/2004-01/msg00163.html
is possible.

I know of a site that runs cvs as a set-gid 'cvs' program wherein all of
the files and directories are in group 'cvs' as an aid to avoid
accidental deletion. A set of periodic jobs gets run as root to chown
the files all to user cvs. No real users are in group cvs and the cvs
user does not have a real password. No file in the repository has world
read or write permissions.

Additional protection may be found by making the parent directory for
the repository only visible to members of the 'software' group for
the software repository. So, this means that only members of the
'software' group would be able to run the set-gid cvs executable to
do any cvs operations at all.

        Enjoy!
        -- Mark
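
Added example, not part of the original message or of CVS itself: a Python audit of the repository layout described in the reply above (everything in group 'cvs' and owned by user 'cvs', no world read or write bits, parent directory closed to anyone outside 'software'). The function name and the numeric-id parameters are assumptions made for this illustration, and the set-gid bit on the cvs executable is not checked here.

```python
import os
import stat

WORLD_RW = stat.S_IROTH | stat.S_IWOTH


def audit_repository(repo, cvs_uid, cvs_gid, software_gid):
    """Return sorted (path, problem) findings for the layout in the message.

    The numeric ids are supplied by the caller (assumption: looked up from
    the 'cvs' user and the 'cvs' and 'software' groups named in the message).
    """
    findings = []
    repo = os.path.abspath(repo)
    parent = os.path.dirname(repo)

    # Parent directory: only 'software' group members may reach the repository.
    pst = os.lstat(parent)
    if pst.st_gid != software_gid:
        findings.append((parent, "parent directory not in software group"))
    if pst.st_mode & stat.S_IRWXO:
        findings.append((parent, "parent directory accessible to others"))

    for root, _dirs, files in os.walk(repo):
        for path in [root] + [os.path.join(root, f) for f in files]:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits say nothing useful
            if st.st_gid != cvs_gid:
                findings.append((path, "not in group cvs"))
            if st.st_uid != cvs_uid:
                findings.append((path, "not owned by user cvs"))
            if st.st_mode & WORLD_RW:
                findings.append((path, "world read or write bit set"))
    return sorted(findings)


if __name__ == "__main__":
    import grp
    import pwd
    import sys

    repo_path = sys.argv[1]  # path to the repository root
    for path, problem in audit_repository(
        repo_path,
        pwd.getpwnam("cvs").pw_uid,
        grp.getgrnam("cvs").gr_gid,
        grp.getgrnam("software").gr_gid,
    ):
        print(f"{path}: {problem}")
```

A file reported as "not owned by user cvs" is what the periodic root chown job mentioned in the message would normally clean up, so findings of that kind that persist between runs point at a job that is not running.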



