Re: How best to secure CVS?

info-cvs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How best to secure CVS?

From:	Greg A. Woods
Subject:	Re: How best to secure CVS?
Date:	Wed, 7 Nov 2001 19:46:44 -0500 (EST)

[ On Wednesday, November 7, 2001 at 12:36:15 (-0800), Villalovos, John L wrote: 
]
> Subject: How best to secure CVS?
>
> I was wondering if there was information out there on how best to secure
> CVS?

Use the ":ext:" method with SSH.

> How secure is the pserver mode?

Not.  None.  Zero.  Zip.

>  Can a user who has a CVS account gain root
> access on a system running pserver?

That's less likely, but not the real point of CVS security. 

> I am not concerned with the passwords being passed in the clear because I am
> using STUNNEL for the pserver protocol.

That's only a very tiny part of the picture....

> How useful is it to setup a chroot environment?

Why bother?  Give everyone real accounts and use accountability
mechanisms to ensure nobody does anything they shouldn't (at least not
without getting caught and properly reprimanded for).

-- 
                                                        Greg A. Woods

+1 416 218-0098      VE3TCP      <address@hidden>     <address@hidden>
Planix, Inc. <address@hidden>;   Secrets of the Weird <address@hidden>

[Prev in Thread]

Current Thread

[Next in Thread]

How best to secure CVS?, Villalovos, John L, 2001/11/07
- Re: How best to secure CVS?, Greg A. Woods <=
  - Re: How best to secure CVS?, Larry Jones, 2001/11/08
- Re: How best to secure CVS?, yap_noel, 2001/11/08

Prev by Date: Tagging
Next by Date: Re: Question about version numbers.
Previous by thread: How best to secure CVS?
Next by thread: Re: How best to secure CVS?
Index(es):
- Date
- Thread