bug-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] configure options for Update.prog and Checkin.prog


From: Mark
Subject: [PATCH] configure options for Update.prog and Checkin.prog
Date: Sat, 15 Mar 2003 11:06:32 -0800 (PST)

I thought I had seen discussion about disabling or removing the Checkin.prog
and Update.prog functionality in CVS here on this list in Jan. Whatever the
result, here is a patch to provide a option to configure to disable this
functionality.

Thanks,

Mark

Index: server.c
===================================================================
RCS file: /cvsroot/ccvs/src/server.c,v
retrieving revision 1.289
diff -u -r1.289 server.c
--- server.c    14 Mar 2003 09:57:49 -0000      1.289
+++ server.c    15 Mar 2003 18:51:34 -0000
@@ -4776,8 +4776,10 @@
   REQ_LINE("Max-dotdot", serve_max_dotdot, 0),
   REQ_LINE("Static-directory", serve_static_directory, 0),
   REQ_LINE("Sticky", serve_sticky, 0),
+#ifndef DISABLE_CLIENT_PROGS
   REQ_LINE("Checkin-prog", serve_checkin_prog, 0),
   REQ_LINE("Update-prog", serve_update_prog, 0),
+#endif
   REQ_LINE("Entry", serve_entry, RQ_ESSENTIAL),
   REQ_LINE("Kopt", serve_kopt, 0),
   REQ_LINE("Checkin-time", serve_checkin_time, 0),

Index: configure.in
===================================================================
RCS file: /cvsroot/ccvs/configure.in,v
retrieving revision 1.181
diff -u -r1.181 configure.in
--- configure.in        4 Mar 2003 22:47:08 -0000       1.181
+++ configure.in        15 Mar 2003 19:03:34 -0000
@@ -631,6 +631,21 @@
     [Define if you want CVS to be able to be a remote repository client.])
 fi
 
+# Check for option requesting the Update.prog and Checkin.prog functionality
be disabled
+AC_ARG_ENABLE(
+  [client-progs],
+  AC_HELP_STRING(
+    [--disable-client-progs],
+    [Disable the Update.prog and Checkin.prog functionality]))
+
+if test no = "$enable_client_progs"; then
+    AC_DEFINE(
+      [DISABLE_CLIENT_PROGS], [1],
+      [Define to 1 to disable the Update.prog and Checkin.prog functionality.
+       This will prevent users with write access from being able to excute
+       abritary code on the server, as the server process account. ])
+fi
+
 AC_ARG_ENABLE(
   [password-authenticated-client],
   AC_HELP_STRING(

__________________________________________________
Do you Yahoo!?
Yahoo! Web Hosting - establish your business online
http://webhosting.yahoo.com




reply via email to

[Prev in Thread] Current Thread [Next in Thread]