Re: cvs 1.11.23 executable available for Windows?

info-cvs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: cvs 1.11.23 executable available for Windows?

From:	Mark D. Baushke
Subject:	Re: cvs 1.11.23 executable available for Windows?
Date:	Sun, 15 Jun 2008 08:59:00 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Arthur,

Arthur Barrett <address@hidden> writes:

Thank you for your comments.

> ... Also windows users are rather fond of active directory integration
> which CVSNT provides with the SSPI protocol (though that does require
> CVSNT server as well though not necessarily on windows).

My point of view is that CVS should never be in the business of doing
authentication operations. When I use the :extssh: transport, the client
connects with the server and does a user login with the server using the
appropriate credentials for that server. I even have some operating
systems which use LDAP for authentication (OpenLDAP rather than
ActiveDirectory in this csae).

However, letting CVS (or CVSNT) run as a privileged user is never safe
in my opinion (we need to agree to disagree on this topic I guess). I
have advocated avoiding :pserver: support for years primarily because I
think it is wrong for CVS to do authentication and authorization
operations. In the same manner, I am not a fan of any of the other
methods which bypass the operating system doing the authentication and
authorization of user permissions to do a client/server operation.

> > Indeed. And it is good to direct CVSNT questions
> > to that group. This question was explicitly about
> > CVS and not CVSNT.
>
> I still see a not-insignificant percentage of Q's per month
> specifically about CVSNT on this newsgroup. I think people just assume
> CVSNT is the windows port of CVS and that the CVS newsgroup is the
> correct place to go and ask Questions.

Yes, and I really do appreciate you lurking here and answering those
questions and/or directing folks to the appropriate place.

By the way, there are a few things in the CVS 1.12.x 'FEATURE' branch
(the main trunk) which include dealing with OpenPGP signatures (GnuPG or
PGP) on revisions which you may wish to consider adding to CVSNT going
forward.

        -- Mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (FreeBSD)

iD8DBQFIVTxDCg7APGsDnFERAjLHAJ9gvXy8f0c62bxKC6o7cts0Y9zXIACgxSfl
GHeHuC02ZWwu72ljKTXIWow=
=5eTH
-----END PGP SIGNATURE-----

[Prev in Thread]

Current Thread

[Next in Thread]

cvs 1.11.23 executable available for Windows?, Nelson Bolyard, 2008/06/14
- Re: cvs 1.11.23 executable available for Windows?, Mark D. Baushke, 2008/06/14
- RE: cvs 1.11.23 executable available for Windows?, Arthur Barrett, 2008/06/14
  - Re: cvs 1.11.23 executable available for Windows?, Mark D. Baushke, 2008/06/14
- RE: cvs 1.11.23 executable available for Windows?, Arthur Barrett, 2008/06/15
  - Re: cvs 1.11.23 executable available for Windows?, Spiro Trikaliotis, 2008/06/15
  - Re: cvs 1.11.23 executable available for Windows?, Mark D. Baushke <=
- RE: cvs 1.11.23 executable available for Windows?, Arthur Barrett, 2008/06/15
- RE: cvs 1.11.23 executable available for Windows?, Arthur Barrett, 2008/06/15
- RE: cvs 1.11.23 executable available for Windows?, Arthur Barrett, 2008/06/15

Prev by Date: Re: cvs 1.11.23 executable available for Windows?
Next by Date: RE: cvs 1.11.23 executable available for Windows?
Previous by thread: Re: cvs 1.11.23 executable available for Windows?
Next by thread: RE: cvs 1.11.23 executable available for Windows?
Index(es):
- Date
- Thread