info-cvs archive search

101. Re: Is it secure to use CVS over the Internet? (score: 14)

Author: HIDDEN

Date: Mon, 31 Jan 2005 15:33:41 +0100

Hello, if you mean pserver access: There have been more than one warning not to use that protocol over untrusted networks. That protocol was not designed with security in mind. Anyway, if you use any

/archive/html/info-cvs/2005-01/msg00386.html (5,113 bytes)

102. Re: PAM Authentication? (score: 51)

Author: HIDDEN

Date: Tue, 25 Jan 2005 09:11:02 -0800 (PST)

-- Todd Denniston <address@hidden> wrote: https://www.cvshome.org/docs/manual/cvs-1.11.18/cvs_26.html#INDEX1_6 https://www.cvshome.org/docs/manual/cvs-1.12.11/cvs_27.html#INDEX2_2 The information her

/archive/html/info-cvs/2005-01/msg00271.html (9,024 bytes)

103. Re: PAM Authentication? (score: 31)

Author: HIDDEN

Date: Mon, 24 Jan 2005 16:20:24 -0500

Which instructions? I see no PAM here https://www.cvshome.org/docs/manual/cvs-1.11.18/cvs_26.html#INDEX1_6 Or here https://www.cvshome.org/docs/manual/cvs-1.12.11/cvs_27.html#INDEX2_2 Is y24jds a use

/archive/html/info-cvs/2005-01/msg00258.html (7,552 bytes)

104. PAM Authentication? (score: 14)

Author: HIDDEN

Date: Mon, 24 Jan 2005 11:56:55 -0800 (PST)

I am trying to bring cvs into my company. I am working with one of our Solaris admins on getting the product installed and configured. We have run into a problem with getting the PAM authentication w

/archive/html/info-cvs/2005-01/msg00255.html (5,451 bytes)

105. RE: ACL status (score: 30)

Author: HIDDEN

Date: Fri, 14 Jan 2005 16:40:00 +0100

Many thank Todd. Excuse me, is OS (Operating System like you are deduced :-) About the requirement of change owners and groups it's a restriction of our enterprise security policy and it's out my sco

/archive/html/info-cvs/2005-01/msg00146.html (11,789 bytes)

106. Re: ACL status (score: 20)

Author: HIDDEN

Date: Fri, 14 Jan 2005 08:27:20 -0500

Gross permissions with cvs (not sure about CVSNT under windows) are done at the filesystem level, i.e., either you can read from the project repo or not depending on the filesystem permissions. Writi

/archive/html/info-cvs/2005-01/msg00145.html (10,655 bytes)

107. Re: SSH configuration (score: 28)

Author: HIDDEN

Date: Wed, 17 Nov 2004 14:21:03 -0500

Actually, old versions of CVS and 1.12.x can also fall back on system authentication (/etc/passwd or whatever the local getpwnam() happens to use - NIS/PAM/whatever). Of course, even aside from not r

/archive/html/info-cvs/2004-11/msg00151.html (7,308 bytes)

108. Re: SSH configuration (score: 15)

Author: HIDDEN

Date: Tue, 16 Nov 2004 11:56:25 -0800

Correct. $CVSROOT/CVSROOT/passwd only applies with :pserver: access mode. CVS with :ext: and a CVS_RSH=ssh environment variable uses ssh as transport which uses the native host login method. CVS with

/archive/html/info-cvs/2004-11/msg00141.html (6,780 bytes)

109. Re: freezing cvs repository to rsync to a remote location (score: 23)

Author: HIDDEN

Date: Fri, 05 Nov 2004 10:38:17 -0500

<SNIP> <SNIP> You have "no possibility of achieving even minimal accountability -- any CVSpserver user can trivially spoof any other at several levels. CVS is _NOT_ a security application, nor is it

/archive/html/info-cvs/2004-11/msg00039.html (8,812 bytes)

110. Re: autentication (score: 21)

Author: HIDDEN

Date: Wed, 27 Oct 2004 09:19:07 +1000

I dont undestand why many people use Pserver if ext-ssh is more secury. Either do I. What is advantages of the Pserver? I have to assume it is mostly over worked administrators. They can enable it w

/archive/html/info-cvs/2004-10/msg00301.html (7,297 bytes)

111. Re: autentication (score: 21)

Author: HIDDEN

Date: Tue, 26 Oct 2004 09:06:56 -0700

Either do I. I have to assume it is mostly over worked administrators. They can enable it without needing to setup host accounts for all of their cvs users. However, they now need to do separate pass

/archive/html/info-cvs/2004-10/msg00292.html (5,294 bytes)

112. Re: Looking for Help with CVS 1.11.17 (score: 38)

Author: HIDDEN

Date: Wed, 06 Oct 2004 09:35:01 -0500

I believe most times cvs ran as pserver is ran from initd and thus ran as root without having to change the perms on the executable. https://www.cvshome.org/docs/manual/cvs-1.11.17/cvs_2.html#IDX80 h

/archive/html/info-cvs/2004-10/msg00057.html (7,810 bytes)

113. RE: sspi not working (score: 32)

Author: HIDDEN

Date: Mon, 23 Aug 2004 20:42:12 +1000

Juergen, This question is probably better suited to the CVSNT list: http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt Or news://news.cvsnt.org/support.cvsnt Note: version 2.0.46 is a little old - I

/archive/html/info-cvs/2004-08/msg00207.html (5,934 bytes)

114. Re: Running multiple CVS instances (score: 24)

Author: HIDDEN

Date: Fri, 13 Aug 2004 15:03:34 -0500 (CDT)

sorry for jumping into this thread late, and I'm more sorry if I'm repeating information (I deleted all old posts before reading them by accident)... What development environments are being used. CVS

/archive/html/info-cvs/2004-08/msg00115.html (7,614 bytes)

115. Re: Running multiple CVS instances (score: 24)

Author: HIDDEN

Date: Fri, 13 Aug 2004 15:53:59 -0400 (EDT)

[ On , August 10, 2004 at 07:56:24 (-0700), mat bike wrote: ] Good for them! If I was the firewall/security admin at the other company I'd also snap that port closed before you could blink (and I'm g

/archive/html/info-cvs/2004-08/msg00114.html (6,109 bytes)

116. Re: Running multiple CVS instances (score: 31)

Author: HIDDEN

Date: Tue, 10 Aug 2004 09:10:57 -0700

Okay, it seems that the company administrators have the same low view of port 2401 as I do. They will not thank you if you give their users access to cvs on some other ephemeral port number for outbo

/archive/html/info-cvs/2004-08/msg00073.html (8,181 bytes)

117. Module based Security access in CVS (score: 166)

Author: HIDDEN

Date: Mon, 2 Aug 2004 10:19:59 +0530

Hi, In my team we using CVS as our version control system. We are using PServer for authentication. I have about 130 users in my system who have a unique user Id. All the 130 users are aliased to one

/archive/html/info-cvs/2004-08/msg00000.html (5,659 bytes)

118. Re: how to kill server but not client (score: 12)

Author: HIDDEN

Date: Fri, 30 Jul 2004 17:00:11 -0700

It is not possible to run a long-lived daemon to listen to cvs requests. There is no cvs server daemon as such. It is possible to configure cvs to be run from your inetd or xinetd in 'pserver' mode,

/archive/html/info-cvs/2004-07/msg00387.html (6,286 bytes)

119. RE: Files added to branch end up in Attic post merge to Head. (score: 9)

Author: HIDDEN

Date: Thu, 22 Jul 2004 15:38:44 -0400

When you check out the HEAD, do you get all the files that you expect? If so, then don't worry about it. How do you mean, "back in business"? This implies that you're getting an error that you have n

/archive/html/info-cvs/2004-07/msg00280.html (7,525 bytes)

120. Re: CVS on Suse Linux 8.0 ES (score: 9)

Author: HIDDEN

Date: Thu, 22 Jul 2004 12:01:13 +0200

One of the last or even the last CVS security patch contains failure which prevents commits when using pserver protocol. Use original package provided by distro and it works well. As I follow the SuS

/archive/html/info-cvs/2004-07/msg00242.html (4,698 bytes)