info-cvs archive search

61. Re: Repository "other" read access (score: 19)

Author: HIDDEN

Date: 15 Feb 2006 10:31:45 -0800

Stas - Here are some best practises using WANdisco for CVS Enterprise Edition for security. You can get away from mucking with file level permissions for controlling read access. You can setup an ext

/archive/html/info-cvs/2006-02/msg00137.html (6,343 bytes)

62. Fw: password mismatch (score: 18)

Author: HIDDEN

Date: Thu, 9 Feb 2006 13:50:59 -0500

Sorry perhaps I didn't make it very clear but the user I logged in as was cvsbuild when I ran the telnet session and worked with the repository. So the user does in fact exist and CVS itself runs as

/archive/html/info-cvs/2006-02/msg00090.html (7,575 bytes)

63. Re: CVS on AIX PSERVER password mismatch issue (score: 116)

Author: HIDDEN

Date: Mon, 06 Feb 2006 20:01:40 GMT

How's this? - create a 'cvsbuild' account on the aix box - put the encrypted password in /etc/security/password in your CVSROOT/password file - remove whatever passes for .cvspass on the windows box

/archive/html/info-cvs/2006-02/msg00047.html (6,100 bytes)

64. RE: Executable bit set on Linux server from Windows client (score: 9)

Author: HIDDEN

Date: Tue, 3 Jan 2006 10:39:35 +1100

Pierre, The correct newsgroup for CVSNT questions is here: http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt or news://news.cvsnt.org/support.cvsnt Please read this FAQ before submitting a support

/archive/html/info-cvs/2006-01/msg00002.html (5,952 bytes)

65. Re: repository adjustment alternatives -- surgery vs. re-creation (score: 9)

Author: HIDDEN

Date: Thu, 08 Dec 2005 16:21:51 -0500

If the repository really is such a mess, then you may be further ahead starting over with a completely clean slate: create a new section of the repository, and import/add only the HEAD of the current

/archive/html/info-cvs/2005-12/msg00103.html (6,783 bytes)

66. WinCVS user problem (score: 9)

Author: HIDDEN

Date: 28 Nov 2005 07:29:09 -0800

I am using WinCVS 2 on windows 2003 server. I managed to get it running and setup the CVSROOT, I can checkout, commint and stuff on the server. I now want to connect to the server (on the same networ

/archive/html/info-cvs/2005-11/msg00285.html (4,531 bytes)

67. Re: unable to login to CVSD with pserver user (score: 141)

Author: HIDDEN

Date: Mon, 28 Nov 2005 06:14:09 -0500

(a able I will <Linux> You must have a legitimate security group defined in the OS for the pserver logins to 'piggyback' on. In my passwd file, there is a cvs login name, then the password, then the

/archive/html/info-cvs/2005-11/msg00284.html (6,535 bytes)

68. Re: Can't check in with CVS 1.11.21 (score: 12)

Author: HIDDEN

Date: Wed, 23 Nov 2005 13:02:56 -0500

Is that going to cause major problems? If not, go with the extssh rather than pserver. Have you tried the troubleshooting steps in the manual: http://ximbiot.com/cvs/manual/cvs-1.11.21/cvs_21.html#SE

/archive/html/info-cvs/2005-11/msg00251.html (6,051 bytes)

69. Newbie Help With Setting Up CVS.... (score: 9)

Author: HIDDEN

Date: Tue, 04 Oct 2005 10:06:25 -0500

Hello, I'm attempting to set up CVS as a solution for my web development team to maintain our websites and I've been spending the last day poring over documentation and I could really use some help..

/archive/html/info-cvs/2005-10/msg00028.html (4,937 bytes)

70. Re: Is nobody out there who can help? (score: 12)

Author: HIDDEN

Date: Mon, 22 Aug 2005 08:28:56 -0400

the facts: Linux (SuSE 9.0), cvs version: 1.11.6. Well, one thing to note is that this is an old version. Can you upgrade to the most recent version? Even if it doesn't fix your immediate problem, it

/archive/html/info-cvs/2005-08/msg00238.html (5,557 bytes)

71. Re: to stop commit (score: 20)

Author: HIDDEN

Date: Fri, 19 Aug 2005 18:37:25 -0700

It means that at most the 'cvs' user will be compromised. FWIW: I suggest that anonymous cvs readers is best handled in a jail or chrooted() directory on a mirror of the real repository. Your mileage

/archive/html/info-cvs/2005-08/msg00223.html (7,670 bytes)

72. Re: to stop commit (score: 20)

Author: HIDDEN

Date: Sat, 20 Aug 2005 00:49:52 +0000 (UTC)

Thanks. I'll check the links. Which gives everyone the right to run "cvs server" on your machine and stuff attacks down its stdin. This as opposed to running "cvs pserver" on your machine and stuffin

/archive/html/info-cvs/2005-08/msg00220.html (7,735 bytes)

73. Re: to stop commit (score: 40)

Author: HIDDEN

Date: Fri, 19 Aug 2005 10:39:44 -0500

Schrum, Allan (Allan) wrote: I concur. Mark's setup is nearly a mirror of ours. We have multiple repositories that need controlled access. While UNIX group permissions could address this at a gross l

/archive/html/info-cvs/2005-08/msg00212.html (7,530 bytes)

74. Re: to stop commit (score: 9)

Author: HIDDEN

Date: Fri, 19 Aug 2005 11:15:19 -0400

If they can apply a reader/writer concept to all access methods, activated optionally via the config file. that would be great. Also, they need to fix readers file, its only functional purpose seems

/archive/html/info-cvs/2005-08/msg00211.html (5,901 bytes)

75. RE: to stop commit (score: 34)

Author: HIDDEN

Date: Fri, 19 Aug 2005 08:45:06 -0400

I concur. Mark's setup is nearly a mirror of ours. We have multiple repositories that need controlled access. While UNIX group permissions could address this at a gross level, it does not offer the s

/archive/html/info-cvs/2005-08/msg00209.html (9,323 bytes)

76. Re: to stop commit (score: 25)

Author: HIDDEN

Date: Thu, 18 Aug 2005 18:46:15 -0700

Lots of folks are using it. A google search should find a number of possible configurations including a chrooted system or a jail. http://www.openbsd.org/anoncvs.html http://reactor-core.org/howto-ss

/archive/html/info-cvs/2005-08/msg00204.html (7,442 bytes)

77. Re: to stop commit (score: 12)

Author: HIDDEN

Date: Fri, 19 Aug 2005 00:47:34 +0000 (UTC)

Could you elaborate on the easy anonymous ssh ? The solutions I read about involved distributing a private key and assuming that the users would know what to do with it. Also, it wasn't clear to me t

/archive/html/info-cvs/2005-08/msg00203.html (6,407 bytes)

78. Re: to stop commit (score: 45)

Author: HIDDEN

Date: Thu, 18 Aug 2005 12:42:30 -0700

Yes, I do. The lack of shell access does not imply that it may not be used as an attack vector for the host operating system. In fact, CVS has had security problems in the past that have done very ba

/archive/html/info-cvs/2005-08/msg00196.html (7,679 bytes)

79. Re: Problem with admin privileges (score: 26)

Author: HIDDEN

Date: Thu, 07 Jul 2005 08:43:07 -0500

<CLIP> The only reason I am using pserver is that it allows my users to have CVAS controlled access to the respositories without giving them dierct write access to them. If you can suggest another wa

/archive/html/info-cvs/2005-07/msg00070.html (9,153 bytes)

80. Re: Problem with admin privileges (score: 89)

Author: HIDDEN

Date: Tue, 05 Jul 2005 17:32:53 -0500

<Moved CHUNK to below> Actually you have apparently. You are attempting to prevent your inside users from directly accessing the repository directories. First lets reduce it to a pserver question, be

/archive/html/info-cvs/2005-07/msg00022.html (12,147 bytes)