[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: pserver user id's
|
From: |
foomonkey |
|
Subject: |
Re: pserver user id's |
|
Date: |
7 Jul 2005 07:46:52 -0700 |
|
User-agent: |
G2/0.2 |
I believe my problem lies in that my inetd.conf specifies to run
cvspserver under the cvsadm user account. When I have my
$CVSROOT/CVSROOT/passwd file configured like,
<username>:<password>:cvsadm, everything works great. With the
exception that user A can see user B's projects and vice versa. This is
because cvsadm owns the repository directory structure. The mode for it
is 771.
When I change the passwd file to <username>:<password>:<username>, this
does not work. I get the previously mentioned error. My belief is that
pserver is running as cvsadm but wants to run in the context of the
user specified in passwd. I don't know that this is possible unless
pserver is running as root. In a sandbox environment, I have changed
pserver to run as root (in inetd.conf) and it works correctly.
I may be missing something but that's the way things appear to me. Is
there any danger in having pserver run as root? inetd.conf contains
many other services running as root. I realize that ANY service running
as root or otherwise introduces certain vulnerabilities.
Thanks for any clarification anyone can provide.
Andrew