[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Linux security issues as they pertain to CVS
From: |
Greg A. Woods |
Subject: |
Re: Linux security issues as they pertain to CVS |
Date: |
Sat, 26 May 2001 13:19:57 -0400 (EDT) |
[ On Saturday, May 26, 2001 at 03:07:20 (-0400), Larry Jones wrote: ]
> Subject: Re: Linux security issues as they pertain to CVS
>
> Greg A. Woods writes:
> >
> > So, if you don't have root access then how the heck do you propose to
> > implement CVS Pserver?!?!?!? (Hint: you cannot.)
>
> Of course you can. All you need to do is run a private copy of inetd
> (or whatever replacement you like) as a non-root user, have it run CVS
> as the same non-root user, and use CVSROOT/passwd to map all valid CVS
> users to that same non-root system user. QED.
Yeah, and there's "nc -l" too. But is either going to work in a
production environment in a development shop? I doubt it....
I'll bet it'll bring any sane and knowledgeable security officer down so
hard on your head too that you won't even know what hit you.
--
Greg A. Woods
+1 416 218-0098 VE3TCP <address@hidden> <address@hidden>
Planix, Inc. <address@hidden>; Secrets of the Weird <address@hidden>
- Linux security issues as they pertain to CVS, Ralph Mack, 2001/05/25
- Re: Linux security issues as they pertain to CVS, Larry Jones, 2001/05/25
- Re: Linux security issues as they pertain to CVS, Greg A. Woods, 2001/05/25
- Re: Linux security issues as they pertain to CVS, Mark, 2001/05/25
- Re: Linux security issues as they pertain to CVS, Greg A. Woods, 2001/05/25
- Re: Linux security issues as they pertain to CVS, Larry Jones, 2001/05/26
- Re: Linux security issues as they pertain to CVS,
Greg A. Woods <=
- Re: Linux security issues as they pertain to CVS, Derek R. Price, 2001/05/29
- Re: Linux security issues as they pertain to CVS, Greg A. Woods, 2001/05/30
- Re: Linux security issues as they pertain to CVS, Greg A. Woods, 2001/05/25
- Re: Linux security issues as they pertain to CVS, Derek R. Price, 2001/05/29
- RE: Linux security issues as they pertain to CVS, Ralph Mack, 2001/05/26