info-cvs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ANN: cvssh - secure ext-to-pserver bridge

From: Paul Sander
Subject: Re: ANN: cvssh - secure ext-to-pserver bridge
Date: Fri, 25 Jan 2002 00:24:31 -0800 
>--- Forwarded mail from address@hidden

>[ On Wednesday, January 23, 2002 at 22:56:35 (-0800), Paul Sander wrote: ]
>> Subject: Re: ANN: cvssh - secure ext-to-pserver bridge
>>
>> When someone uses shared accounts, they throw away Unix security.  Maybe
>> that's your point, but on the other hand Unix security is not needed in
>> many carefully controlled situations.

>No, they throw away any and all possibility of accountability,
>especially with CVS.  Period.

Applications don't require Unix user IDs to track their own user
bases.  You don't need *Unix security* to have *good security*,
even on a Unix system.  But obviously if an application does away with
Unix security and all the stuff that goes with it, then it must replace
it with its own mechanism.  This clearly can and in fact is done; ask
anyone who provides applications that service more than 33000 users
on a Unix system.

Anyway, this is getting a bit off topic...

>--- End of forwarded message from address@hidden
reply via email to
[Prev in Thread] Current Thread [Next in Thread]