[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ANN: cvssh - secure ext-to-pserver bridge
From: |
Paul Sander |
Subject: |
Re: ANN: cvssh - secure ext-to-pserver bridge |
Date: |
Fri, 25 Jan 2002 21:22:40 -0800 |
>--- Forwarded mail from address@hidden
>[ On Friday, January 25, 2002 at 11:30:27 (-0800), Paul Sander wrote: ]
>> Subject: Re: ANN: cvssh - secure ext-to-pserver bridge
>>
>> CVS' pserver mode implements its own security. It's up to the CVS
>> developers and the pserver mode users to decide if the security is
>> good enough.
>And there's where your fatal flaw lies. CVS cannot, by design *and*
>implementation, possibly securely implement any even reasonable level of
>authentication and authorisation service. Period. CVS pserver
>is good enough only for totally anonymous (and presumably read-only)
>access, and _NOTHING_ more.
Fine. CVS is BAD (broken as designed) in many ways. Fix the rest of
it and pserver at the same time.
>--- End of forwarded message from address@hidden
- Re: ANN: cvssh - secure ext-to-pserver bridge, (continued)
- Re: ANN: cvssh - secure ext-to-pserver bridge, Paul Sander, 2002/01/24
- Re: ANN: cvssh - secure ext-to-pserver bridge, Greg A. Woods, 2002/01/24
- Re: ANN: cvssh - secure ext-to-pserver bridge, Paul Sander, 2002/01/24
- Re: ANN: cvssh - secure ext-to-pserver bridge, Greg A. Woods, 2002/01/24
- Re: ANN: cvssh - secure ext-to-pserver bridge, Michal Wallace, 2002/01/24
- Re: ANN: cvssh - secure ext-to-pserver bridge, Greg A. Woods, 2002/01/25
- Re: ANN: cvssh - secure ext-to-pserver bridge, Paul Sander, 2002/01/25
- Re: ANN: cvssh - secure ext-to-pserver bridge, Greg A. Woods, 2002/01/25
- Re: ANN: cvssh - secure ext-to-pserver bridge, Paul Sander, 2002/01/25
- Re: ANN: cvssh - secure ext-to-pserver bridge, Greg A. Woods, 2002/01/25
- Re: ANN: cvssh - secure ext-to-pserver bridge,
Paul Sander <=