bug-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security issue: Full server path returned to the client


From: Wolfgang Loch
Subject: Re: Security issue: Full server path returned to the client
Date: Thu, 18 Dec 2003 20:10:35 +0100

> No, the CVSROOT variable is absolute. The CVSNT CVSROOT
> for the above should look something like:
>
> :pserver:address@hidden:/F//Company/RND/Repository/pat/to/module

Actually, CVSROOT is :pserver:ep-central:/RND/CVS

And I get the following output:

>cvs -q commit -m "new Servlet interface"  Diagnostics
Removing Diagnostics/Templates/AllCaches.html;
F:/Firma/RND/CVS/epages/epages5/AllOS/Cartridges/Diagnostics/Templates/A
llCaches.html,v  <--  AllCaches.html
new revision: delete; previous revision: 1.1
done
Checking in Diagnostics/Templates/Caches.html;
/RND/CVS/epages/epages5/AllOS/Cartridges/Diagnostics/Templates/Caches.ht
ml,v  <--  Caches.html
initial revision: 1.1
done

(sorry for the formatting)

What I don't understand is: why does it show the server path for the
removed file, but it shows the relative path for added or updated files.
I would prefer the second variant for all operations.

Wolfgang
-- 
http://www.cvs-ext.com/en/cvs-ext/





reply via email to

[Prev in Thread] Current Thread [Next in Thread]