bug-cvs

Re: [PATCH] configure options for Update.prog and Checkin.prog


From: Mark D. Baushke
Subject: Re: [PATCH] configure options for Update.prog and Checkin.prog
Date: Sat, 15 Mar 2003 14:32:57 -0800

Mark <cm_mark@yahoo.com> writes:

> 
> I thought I had seen discussion about disabling or removing the Checkin.prog
> and Update.prog functionality in CVS here on this list in Jan. Whatever the
> result, here is a patch to provide an option to configure to disable this
> functionality.
> 
> Thanks,
> 
> Mark
> 
> Index: server.c
> ===================================================================
> RCS file: /cvsroot/ccvs/src/server.c,v
> retrieving revision 1.289
> diff -u -r1.289 server.c
> --- server.c  14 Mar 2003 09:57:49 -0000      1.289
> +++ server.c  15 Mar 2003 18:51:34 -0000
> @@ -4776,8 +4776,10 @@
>    REQ_LINE("Max-dotdot", serve_max_dotdot, 0),
>    REQ_LINE("Static-directory", serve_static_directory, 0),
>    REQ_LINE("Sticky", serve_sticky, 0),
> +#ifndef DISABLE_CLIENT_PROGS
>    REQ_LINE("Checkin-prog", serve_checkin_prog, 0),
>    REQ_LINE("Update-prog", serve_update_prog, 0),

Hmmm.... It seems more likely that you would want to still recognize the
responses, but ignore them. Possibly adding the following to your patch?

+#else
+  REQ_LINE("Checkin-prog", serve_noop, 0),
+  REQ_LINE("Update-prog", serve_noop, 0),

would make more sense?

Also, it may make more sense to disable them by default and have a
switch to enable them that is not recommended.

In any case, you should probably provide a documentation patch along
with your submission to the doc/cvsclient.text file to indicate that
these options are configurable.

What do other folks think about this topic?

        -- Mark

> +#endif
>    REQ_LINE("Entry", serve_entry, RQ_ESSENTIAL),
>    REQ_LINE("Kopt", serve_kopt, 0),
>    REQ_LINE("Checkin-time", serve_checkin_time, 0),
> 
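Review bot: The #ifndef DISABLE_CLIENT_PROGS guard covers only the two REQ_LINE table entries for "Checkin-prog" and "Update-prog"; the handlers they name, serve_checkin_prog and serve_update_prog, are defined outside this hunk and nothing visible here places them under the same guard. If they stay compiled in, a build configured with the feature disabled still carries the program-execution code with no caller, and if the functions are static the compiler will flag them as unused. Wrap the handler definitions in the same #ifndef, and state explicitly what a client that still sends these requests should get back, since with both entries compiled out the request table has no match for them.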
> Index: configure.in
> ===================================================================
> RCS file: /cvsroot/ccvs/configure.in,v
> retrieving revision 1.181
> diff -u -r1.181 configure.in
> --- configure.in      4 Mar 2003 22:47:08 -0000       1.181
> +++ configure.in      15 Mar 2003 19:03:34 -0000
> @@ -631,6 +631,21 @@
>      [Define if you want CVS to be able to be a remote repository client.])
>  fi
>  
> +# Check for option requesting the Update.prog and Checkin.prog functionality
> be disabled
> +AC_ARG_ENABLE(
> +  [client-progs],
> +  AC_HELP_STRING(
> +    [--disable-client-progs],
> +    [Disable the Update.prog and Checkin.prog functionality]))
> +
> +if test no = "$enable_client_progs"; then
> +    AC_DEFINE(
> +      [DISABLE_CLIENT_PROGS], [1],
> +      [Define to 1 to disable the Update.prog and Checkin.prog functionality.
> +       This will prevent users with write access from being able to excute
> +       abritary code on the server, as the server process account. ])
> +fi
> +
>  AC_ARG_ENABLE(
>    [password-authenticated-client],
>    AC_HELP_STRING(
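Review bot: The check 'if test no = "$enable_client_progs"' defines DISABLE_CLIENT_PROGS only when the builder passes --disable-client-progs, so a default build keeps a feature that the AC_DEFINE description itself says lets users with write access execute code as the server process account. Consider inverting the default so the define is set unless the builder explicitly asks for the feature, making the risky path opt-in. Separately, the comment line above AC_ARG_ENABLE has been wrapped in transit, leaving "be disabled" on a line with no "+" prefix, so the hunk will not apply as posted and should be resent unwrapped. The description string also has two typos, "excute" and "abritary".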



