Your password isn't saved there, nor is the access method. it just tracks the server/directories. You might already have more info stored in your environment variables, if you tend to use just a sing
-- Brandon Craig Rhodes <address@hidden> wrote: In the end, the OS still controls permissions to the repository. IOW, if file system permissions haven't been set for the user, no matter what CVS says
I prefer SSH myself since it affords real security. When using SSH, SSH keys are used for the authentication and file system permissions are used for authorisation. Why would you hope that readers, w
We wanted to avoid creating dozens of user accounts on our secure CVS server for our developers. This would normally be accomplished by using the :pserver: mechanism with a CVS `passwd' that mapped t
[ On Thursday, May 23, 2002 at 18:00:21 (+0300), Artamonov, Juri wrote: ] Why? If you're worried about the (incredibly minor and almost invisible on modern hardware) costs of encryption and such with
The only locks in CVS are under the hood. Users don't see any locks and are able to modify copies of the files at their whim. The first person to checkin is able to do so. The others will have to per
Hi What are the differences functionality wise between the main CVS and the CVSNT port? I have searched a few of the mailing lists but I have not come up with any concrete answers. Is there also a di
Hi What are the differences functionality wise between the main CVS and the CVSNT port? I have searched a few of the mailing lists but I have not come up with any concrete answers. Is there also a di
My first advice is that, if you have a serious concern about security, don't use pserver. Limiting specific pserver users only makes sense if you trust the users not to undermine your configuration.
[...] Here is what I setup for the CVS server. Please advise any weakness... - In my Unix server, a "cvsuser" group is created with two users "cvsadmin" and "cvsguest". They (and "root", of course :
Correct me if I am wrong, but I don't think any disgruntled employee can check in any change without a trace, even if the CVS server is using :pserver and "cvspwd" to manage user accounts. Here is wh
I am new to CVS administration and I could some education here... The "cvspwd" only changes the password file under CVSROOT/password. This has nothing to do with any Unix user account. I don't unders
[ On Wednesday, May 1, 2002 at 07:23:23 (GMT), Ben Kial wrote: ] I should certainly hope not. That would be an additional security risk on top of a major security problem. Please consider switching t
[ On Wednesday, April 24, 2002 at 17:01:19 (+0530), Sumit Mandal wrote: ] Please wrap long lines at less than 80 characters!!!!! (and please put spaces after punctuation marks!) You're probably askin
I am using WinCVS 1.3 client.They work fine.To implement CVS at organizational level,I am exploring CVS and all its features.I have the following queries from security point of view : First, please
Hi, I have recently installed the CVS NT Server in Windows 2000 Server Edition.I am using WinCVS 1.3 client.They work fine.To implement CVS at organizational level,I am exploring CVS and all its feat
Read up on the LockDir configuration setting. Noel -- Richard Caley <address@hidden> wrote: __________________________________________________ Do You Yahoo!? Try FREE Yahoo! Mail - the world's greate
[sorry if you see this twice, my first attempt seemed to go into nowhere at a time when my ISP ws having problems] I have a repository which is, for firewall and other practical reasons) accessible o
I *think* CVSNT is committing to pserver as an access mechanism. I don't think it's a good idea, for security reasons, but then I would prefer Linux or one of the *BSD for security in any case. For