bug-cvs

Re: history and val-tags locks.


From: Derek Price
Subject: Re: history and val-tags locks.
Date: Wed, 27 Apr 2005 18:23:46 -0400
User-agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)

Derek Price wrote:

> I see your point.  What about `cvs server'?  I can see both setups being
> useful...  an admin who allowed users access to the CVS repository would
> probably prefer not to allow the config file to be specified whereas an
> admin who restricted the command that SSH users could run to a particular
> shell script that provided the -c option wouldn't mind...  perhaps it
> should be a compile time option, with the default to disallow it.


On further consideration, if we are going to consider a configurable
config path with other CVS modes a security risk, then using it with
pserver has to be considered a security risk too.  There is nothing
stopping a creative user with shell access to a machine from using
pserver mode to access their repository.

I might argue that any administrator worried that much about security
should be disabling shell access to the machine anyhow, which would deal
with any insecurity resulting from a configurable config path, but I
don't feel so strongly about it that I wouldn't happily install it as a
compile-time option that defaults to off.

Regards,

Derek





