info-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: to stop commit


From: S I
Subject: Re: to stop commit
Date: Thu, 18 Aug 2005 12:06:23 -0700

Mark, my hat's off to you. I'm always thankful for your feedback & expertise.

Unfortunately, I inherited my box with :pserver method already running & installed by the previous admin. However, my CVS server grants NO shell access but only allowing users to use CVS DOS Client or Tortoise to login. My question is, do you still think :pserver is unsecure with no shell access?

Thanks

Steve

----Original Message Follows----
From: "Mark D. Baushke" <address@hidden>
To: "S I" <address@hidden>
CC: address@hidden, address@hidden
Subject: Re: to stop commit
Date: Thu, 18 Aug 2005 12:01:33 -0700
MIME-Version: 1.0
Received: from colo-dns-ext2.juniper.net ([207.17.137.64]) by mc1-f35.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Thu, 18 Aug 2005 12:01:39 -0700 Received: from merlot.juniper.net (merlot.juniper.net [172.17.27.10])by colo-dns-ext2.juniper.net (8.12.3/8.12.3) with ESMTP id j7IJ1ZBm082489;Thu, 18 Aug 2005 12:01:35 -0700 (PDT)(envelope-from address@hidden) Received: from juniper.net (sapphire.juniper.net [172.17.28.108])by merlot.juniper.net (8.11.3/8.11.3) with ESMTP id j7IJ1XG59647;Thu, 18 Aug 2005 12:01:33 -0700 (PDT)(envelope-from address@hidden)
X-Message-Info: JGTYoYF78jEHjJx36Oi8+Z3TmmkSEdPtfpLB7P/ybN8=
References: <address@hidden>
X-Mailer: MH-E 7.84+cvs; nmh 1.0.4; GNU Emacs 21.3.1
X-Face: #8D_6URD2G%vC.hzU<dI&#Y9szHj$'mGtUq&d=rXy^L$-=G_-LmZ^5!Fszk:yXZp$k\nTF? 8Up0!v/%1Q[(d?ES0mQW8dRCXi18gK)luJu)loHk,}4{Vi`yX?p?crF5o:LL{6#eiO:(E:YMxLXULB k|'a*EjN.B&L+[J!PhJ*aX0n:5/
Mail-Followup-To: info-cvs <address@hidden>
Return-Path: address@hidden
X-OriginalArrivalTime: 18 Aug 2005 19:01:39.0935 (UTC) FILETIME=[43DFD6F0:01C5A427]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

S I <address@hidden> writes:

> I found out the best and quickest way for me, especially during a
> freeze was the use of the 'writers' and 'readers' admin files.

Yes, that will work if the only access is via :pserver: and not :ext: or
:local: methods.

Note: I continue to believe that :pserver: is something that is insecure
and undesirable for any use other than anonymous read from a mirror of
the primary repository. Even at that, it is very easy to have anonymous
SSH access and that would be better than resorting to :pserver:.

Generally, :pserver: should be avoided if at all possible.

        -- Mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQFDBNsMCg7APGsDnFERAoNtAKDDPpgbDLUutVwnUJke3NBbVNnxPACeLE8k
RUmzOHkd3xJm7j1pPJHTpA4=
=WwKo
-----END PGP SIGNATURE-----






reply via email to

[Prev in Thread] Current Thread [Next in Thread]