[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: cvs 1.11.23 executable available for Windows?

From: Mark D. Baushke
Subject: Re: cvs 1.11.23 executable available for Windows?
Date: Sun, 15 Jun 2008 08:59:00 -0700

Hash: SHA1

Hi Arthur,

Arthur Barrett <address@hidden> writes:

Thank you for your comments.

> ... Also windows users are rather fond of active directory integration
> which CVSNT provides with the SSPI protocol (though that does require
> CVSNT server as well though not necessarily on windows).

My point of view is that CVS should never be in the business of doing
authentication operations. When I use the :extssh: transport, the client
connects with the server and does a user login with the server using the
appropriate credentials for that server. I even have some operating
systems which use LDAP for authentication (OpenLDAP rather than
ActiveDirectory in this csae).

However, letting CVS (or CVSNT) run as a privileged user is never safe
in my opinion (we need to agree to disagree on this topic I guess). I
have advocated avoiding :pserver: support for years primarily because I
think it is wrong for CVS to do authentication and authorization
operations. In the same manner, I am not a fan of any of the other
methods which bypass the operating system doing the authentication and
authorization of user permissions to do a client/server operation.

> > Indeed. And it is good to direct CVSNT questions
> > to that group. This question was explicitly about
> > CVS and not CVSNT.
> I still see a not-insignificant percentage of Q's per month
> specifically about CVSNT on this newsgroup. I think people just assume
> CVSNT is the windows port of CVS and that the CVS newsgroup is the
> correct place to go and ask Questions.

Yes, and I really do appreciate you lurking here and answering those
questions and/or directing folks to the appropriate place.

By the way, there are a few things in the CVS 1.12.x 'FEATURE' branch
(the main trunk) which include dealing with OpenPGP signatures (GnuPG or
PGP) on revisions which you may wish to consider adding to CVSNT going

        -- Mark
Version: GnuPG v1.4.7 (FreeBSD)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]