[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security concern CVSROOT

From: Larry Jones
Subject: Re: Security concern CVSROOT
Date: Wed, 25 Oct 2000 11:45:14 -0400 (EDT)

Martin Vogt writes:
> I dont like it that every user can remotely execute commands.
> I like to have the ability that the mkmodules call is protected.
> I like to have a config obtion in CVSROOT which do something like
> this:
> MkModules=/usr/sbin/alertsysadmin_by_mail
> Or as default: leave it blank, then it rebuilds mkmodules.
> CVSROOT is not changed very much, so it is acceptable that
> it is done by some "admin"

The whole point of CVSROOT being part of the repository is that you can
use normal CVS methods to do all of these things.  For example, you can
use system file permissions and/or commitinfo to limit commits (which is
what triggers mkmodules) and you can use loginfo to do notifications.

-Larry Jones

The real fun of living wisely is that you get to be smug about it. -- Hobbes

reply via email to

[Prev in Thread] Current Thread [Next in Thread]