[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: need to force username of cvs 'action' when using shared
|
From: |
Tim Grotenhuis |
|
Subject: |
Re: need to force username of cvs 'action' when using shared |
|
Date: |
Sun, 2 May 2004 22:46:21 -0400 |
I am not allowed to run pserver.
Thanks,
tim
----- Original Message -----
From: "Larry Jones" <address@hidden>
To: "Tim Grotenhuis" <address@hidden>
Cc: <address@hidden>
Sent: Sunday, May 02, 2004 1:25 PM
Subject: Re: Fw: need to force username of cvs 'action' when using shared
> Tim Grotenhuis writes:
> >
> > My script that runs in the command="" option in the authorized_keys2
file
> > runs successfully and I can control the input based on which key (ie,
which
> > developer) is used. I am looking for the correct environmental
variable
> > that CVS WILL look at.
>
> There isn't one.
>
> > I just can't imagine that this hasn't been required before: a single
shell
> > account with a used id of, for example, 'cvsuser' requiring SSH,
instead of
> > pserver, authentication and access for developers. The nature of CVS,
that
> > of tracking diffs and who did what when, seems to be compromised in this
> > situation. Thats all.
>
> What you're doing (using a single account for everyone) is what is
> compromising the tracking. What you're asking for would completely
> compromise the tracking since it would allow absolutely anyone to commit
> changes whilst claiming to be anyone else they like. Only privileged
> users can change their UID, but anyone can set environment variables.
> If you really need multiple users with a single system ID, I suggest you
> look into running pserver over an SSH tunnel.
>
> -Larry Jones
>
> Everything's gotta have rules, rules, rules! -- Calvin
>
>