bug-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CVS server patch?


From: joel . peshkin
Subject: Re: CVS server patch?
Date: Fri, 7 Mar 2003 10:17:00 -0800


On our site, we have been using group permissions to make direct repository access (bypassing pserver) impossible as well as keeping users out of CVSROOT.  

-Joel




"Derek Robert Price" <address@hidden>

03/07/2003 09:42 AM

       
        To:        address@hidden, address@hidden
        cc:        
        Subject:        Re: CVS server patch?



address@hidden wrote:

> Derek,
>
>     I created a patch against ccvs 1.11.5 to permit a cvs password
> file to use system auth for real local users but still setuid for
> repository access.  This means that I can have passwd entries like...
> foo:+:cvsuser
> and user "foo" will still authenticate with the local system but run
> as cvsuser after authenitcation.
>
>   Would this be of use to anyone but me?


Why not just let the executable run as the user in system auth mode?  If
someone has the user's password, couldn't they get a shell account anyhow?

Derek

--
               *8^)

Email: address@hidden

Get CVS support at <http://ximbiot.com>!
--
I did not see Elvis.
I did not see Elvis.
I did not see Elvis...

         - Bart Simpson on chalkboard, _The Simpsons_







reply via email to

[Prev in Thread] Current Thread [Next in Thread]