| From: | Rasmus Lerdorf <rasmus(at)lerdorf(dot)on(dot)ca> |
|---|---|
| To: | The Hermit Hacker <scrappy(at)hub(dot)org> |
| Cc: | hackers(at)postgreSQL(dot)org |
| Subject: | Re: [HACKERS] CVSup |
| Date: | 1998-05-01 11:36:48 |
| Message-ID: | Pine.WNT.3.96.980501073331.-148413G-100000@shell.lerdorf.on.ca |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> When I set things up, I could find no instructions for setting up
> anon-cvs that I felt comfortable implementing from a security
> standpoint...
If you use a semi-recent version of CVS, set the --allow-root restriction
in inetd.conf and create a cvs "passwd" file along with a "writers" file,
then I really don't see where the security problem is. You are not
creating system-level accounts, and if you do not put the anonymous user
in your "writers" file, then this user will not be able to alter the
repository in any way.
-Rasmus
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Maurice Gittens | 1998-05-01 11:46:01 | Re: [HACKERS] CVSup |
| Previous Message | The Hermit Hacker | 1998-05-01 11:22:20 | Re: [HACKERS] CVSup |