Re: to stop commit
From: Mark D. Baushke
Subject: Re: to stop commit
Date: Fri, 19 Aug 2005 18:37:25 -0700
Pierre Asselin <address@hidden> writes:
> Mark D. Baushke <address@hidden> wrote:
>
> > [ ... ]
> > It is even easier than that, set up an anoncvs userid with a shell that
> > only runs the execl('/usr/bin/cvs', 'cvs', 'server', NULL) function and
> > that allows an empty password.
>
> Which gives everyone the right to run "cvs server" on your machine
> and stuff attacks down its stdin. This as opposed to running "cvs
> pserver" on your machine and stuffing attacks down its stdin. Is it
> that much of an improvement?

It means that at most the 'cvs' user will be compromised.

FWIW: I suggest that anonymous cvs readers are best handled in a jail or
chrooted() directory on a mirror of the real repository. Your mileage
may vary...

> For authenticated cvs I see how ssh is more secure... because it
> just is. Your users can still attack you if they want, but there
> is an audit trail of who connected when. With anonymous cvs,
> whether through ssh or xinetd, it's basically a given that you
> allow absolutely anyone to run cvs without a lot of traceability.
>
>
> > Security of sshd is much higher than security of cvs. The only
> > vulnerability will be that of the user/group you provide for the anoncvs
> > userid instead of the possibility of 'root' in most :pserver:
> > configurations.
>
> Hmmm, I see. So the risk is an attacker cracking cvs pserver
> before it calls setuid() ?

Yes.

-- Mark
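Added example, not part of the original message or of CVS itself: a login shell for the anonymous account discussed above that ignores whatever command the ssh client requests and only ever starts `cvs server`. The refusal to run as root or set-id, the fixed `PATH`, the syslog line and the names `refuse_reason` and `requested_command` are assumptions of this example; `/usr/bin/cvs` is the path given in the message.

```c
/* anoncvs_shell.c: login shell for the anonymous account; runs only "cvs server". */
#include <stdlib.h>
#include <syslog.h>
#include <sys/types.h>
#include <unistd.h>

#define CVS_PATH "/usr/bin/cvs"  /* path used in the message above */

/* Fixed environment handed to cvs (assumed value); nothing set by the client survives. */
static char *const CLEAN_ENV[] = { "PATH=/usr/bin:/bin", NULL };

/* Return NULL if the process identity is acceptable, else the reason to refuse. */
const char *refuse_reason(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    if (ruid == 0 || euid == 0)
        return "refusing to run cvs as root";
    if (ruid != euid || rgid != egid)
        return "refusing to run set-id";
    return NULL;
}

/* sshd starts the login shell as "shell -c <command>" when the client sends a
 * command. Return that string for logging only; it is never executed. */
const char *requested_command(int argc, char **argv)
{
    if (argc >= 3 && argv[1][0] == '-' && argv[1][1] == 'c' && argv[1][2] == '\0')
        return argv[2];
    return "(none)";
}

int main(int argc, char **argv)
{
    const char *why = refuse_reason(getuid(), geteuid(), getgid(), getegid());
    const char *peer = getenv("SSH_CLIENT");  /* set by sshd: "addr port port" */

    openlog("anoncvs-shell", LOG_PID, LOG_AUTH);
    if (why != NULL) {
        syslog(LOG_ERR, "%s", why);
        return 1;
    }
    syslog(LOG_INFO, "peer=%s asked=%s", peer ? peer : "unknown",
           requested_command(argc, argv));

    /* Whatever was asked for, the only program started is "cvs server". */
    execle(CVS_PATH, "cvs", "server", (char *)NULL, CLEAN_ENV);
    syslog(LOG_ERR, "exec of %s failed", CVS_PATH);
    return 127;
}
```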