info-cvs

Re: Linux security issues as they pertain to CVS


From: Derek R. Price
Subject: Re: Linux security issues as they pertain to CVS
Date: Wed, 30 May 2001 09:23:20 -0400

"Greg A. Woods" wrote:

> [ On Tuesday, May 29, 2001 at 09:18:33 (-0500), Thornley, David wrote: ]
> > Subject: RE: Linux security issues as they pertain to CVS
> >
> > Any problems with running pserver over an encrypted channel?  It seems to
> > me that would be just as secure as ssh access (and, of course, just as
> > unsafe - the biggest potential security problems being the guys on both
> > ends of the channel).
>
> That more or less defeats the purpose since you usually have to have a
> real identity to establish a secure channel connection to a server in
> the first place so why not just use that channel for remote job
> execution?  (unless you're talking about an IPsec VPN tunnel, but then
> you've got different issues to worry about)

No you don't.  A secure channel only need authenticate the server, possibly
using an external certificate authority, a la HTTPS.


> CVS pserver on the other hand is under the full and direct control of
> the (or rather *any*) user at the other end so you cannot transfer your
> trust to the client CVS program and you cannot be sure that the person
> at the remote keyboard really is the same "joe" -- there's no secure
> link between the authentication done by the remote client computer to
> allow that user to access it and whatever might be claimed over the
> pserver channel.  Therefore pserver even over a secure channel is not
> itself secure.

Which is perfectly fine and possibly even desirable when you, as CVS
administrator, have no control over the client machine anyhow.  If I have root
access on the client I could use any login I wished anyhow.  In other words,
you'd rather know I knew the password you gave me.

In this case the secure channel should protect you from password sniffers.

Derek

--
Derek Price                      CVS Solutions Architect ( http://CVSHome.org )
mailto:address@hidden         CollabNet ( http://collab.net )
--
Cynic:  Someone who smells the flowers and looks for the casket
