Re: Best way to plug the CVS Security hole?

info-cvs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Best way to plug the CVS Security hole?

From:	Noel Yap
Subject:	Re: Best way to plug the CVS Security hole?
Date:	Thu, 13 Dec 2001 14:07:37 -0800 (PST)

Use SSH instead of pserver.

Noel
--- Mark <address@hidden> wrote:
> 
> What's the best way to disable the update.prog and
> checkin.prog functionality?
> Currently I have commented out 2 REQ lines  in the
> source that seem to call
> this functionality. Is this the best way to do this?
> 
> We don't need the functionality and we are running
> cvs pserver with a non-root
> account from inetd.conf.
> 
> Can this (disabling that functionality) be made
> easier to do in the next
> release of CVS?
> 
> Thanks,
> 
> Mark
> 
> __________________________________________________
> Do You Yahoo!?
> Check out Yahoo! Shopping and Yahoo! Auctions for
> all of
> your unique holiday gifts! Buy at
> http://shopping.yahoo.com
> or bid at http://auctions.yahoo.com
> 
> _______________________________________________
> Info-cvs mailing list
> address@hidden
> http://mail.gnu.org/mailman/listinfo/info-cvs


__________________________________________________
Do You Yahoo!?
Check out Yahoo! Shopping and Yahoo! Auctions for all of
your unique holiday gifts! Buy at http://shopping.yahoo.com
or bid at http://auctions.yahoo.com

[Prev in Thread]

Current Thread

[Next in Thread]

Best way to plug the CVS Security hole?, Mark, 2001/12/13
- Re: Best way to plug the CVS Security hole?, Noel Yap <=

Prev by Date: could cvs make auto delete/add file judging from my revision ?
Next by Date: Re: could cvs make auto delete/add file judging from my revision ?
Previous by thread: Best way to plug the CVS Security hole?
Next by thread: checking out files
Index(es):
- Date
- Thread