Date:      Thu, 18 Sep 1997 18:19:25 -0600 (MDT)
From:      Marc Slemko <marcs@znep.com>
To:        Eivind Eklund <perhaps@yes.no>
Cc:        itojun@itojun.org, hackers@FreeBSD.ORG
Subject:   Re: cvs pserver mode
Message-ID:  <Pine.BSF.3.95.970918181514.17330A-100000@alive.znep.com>
In-Reply-To: <199709182330.BAA07105@bitbox.follo.net>

On Fri, 19 Sep 1997, Eivind Eklund wrote:

> > 
> > >> 	does any of you have trouble using pserver mode of cvs?
> > >First, don't use pserver.  It sucks.  Badly.  It stores unencrypted
> > >passwords on the clients disk and anyone with a shell on the server can
> > >steal connections (and hence passwords) from users connecting.  Bad.
> > >Secondly, you need the --allow-root option to tell it what repositories to
> > >use.  This is new in 1.9.10 or something like that.
> >
> > [option list deleted]
> > 	- give an account (say, "mygroup") to them and use rsh/ssh
> 
> I consider this the only sensible thing.  Give them an account with
> the shell pointing at a text file containing
> #!/bin/sh
> /usr/bin/cvs server
> 
> and set permissions so they can't write to the cvs repository.  Little

To do this, you need to hack cvs to allow read-only repositories and be
sure that you have _no_ way that anyone can upload arbitrary files that
will be readable by the user running the above.  If you have something
like anonymous ftp uploads which are world readable, then they can
trivially get a shell as the uid cvs runs as.  Hmm, wonder if the
--allow-root option works with cvs "server"...

> security risk (except that they can exploit bugs in cvs) - even less
> if you go for a chrooted environment (which will probably need some
> hacking to get set up)
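An added example, not from the thread: a small audit function for the kind of restricted account Eivind describes, checking the points Marc raises. It assumes the account's login shell is the two-line wrapper script (path `WRAPPER`), the repository is at `REPO`, and the account's home directory is `HOME`; the wrapper, repository and home paths are the only inputs.

```shell
#!/bin/sh
# Added example (not from the thread). Audits a "cvs server"-only account:
#   - the login shell must be exactly the two-line wrapper from the thread
#     (it ignores whatever command ssh/rsh passes and always runs cvs server)
#   - the wrapper must not live under the account's home and must not be
#     group/other-writable, or the account could replace it with a real shell
#   - nothing under the repository may be group/other-writable, so the
#     account cannot alter it (cvs itself still needs the read-only support
#     Marc mentions to work against a repository it cannot write to)
# Whether the account can write files elsewhere that cvs would later read
# (e.g. world-readable upload areas) is out of scope and must be checked
# by hand.
audit_cvs_account() {
    wrapper=$1
    repo=$2
    home=$3

    expected='#!/bin/sh
/usr/bin/cvs server'
    if [ "$(cat "$wrapper")" != "$expected" ]; then
        echo "audit: $wrapper is not the plain cvs-server wrapper" >&2
        return 1
    fi

    case "$wrapper" in
        "$home"/*) echo "audit: wrapper lives inside $home" >&2; return 1 ;;
    esac

    # octal -perm is portable: -020 = group write, -002 = other write
    if [ -n "$(find "$wrapper" \( -perm -020 -o -perm -002 \) -print)" ]; then
        echo "audit: $wrapper is group/other-writable" >&2
        return 1
    fi

    bad=$(find "$repo" \( -perm -020 -o -perm -002 \) -print)
    if [ -n "$bad" ]; then
        echo "audit: group/other-writable paths in $repo:" >&2
        echo "$bad" >&2
        return 1
    fi
    return 0
}
```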
