Re: Security concern CVSROOT

info-cvs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security concern CVSROOT

From:	Larry Jones
Subject:	Re: Security concern CVSROOT
Date:	Wed, 25 Oct 2000 11:45:14 -0400 (EDT)

Martin Vogt writes:
> 
> I dont like it that every user can remotely execute commands.
> I like to have the ability that the mkmodules call is protected.
> I like to have a config obtion in CVSROOT which do something like
> this:
> 
> MkModules=/usr/sbin/alertsysadmin_by_mail
> 
> Or as default: leave it blank, then it rebuilds mkmodules.
> 
> CVSROOT is not changed very much, so it is acceptable that
> it is done by some "admin"

The whole point of CVSROOT being part of the repository is that you can
use normal CVS methods to do all of these things.  For example, you can
use system file permissions and/or commitinfo to limit commits (which is
what triggers mkmodules) and you can use loginfo to do notifications.

-Larry Jones

The real fun of living wisely is that you get to be smug about it. -- Hobbes

[Prev in Thread]

Current Thread

[Next in Thread]

Security concern CVSROOT, Martin Vogt, 2000/10/25
- Re: Security concern CVSROOT, Larry Jones <=
- Re: Security concern CVSROOT, Derek R. Price, 2000/10/28
- Re: Security concern CVSROOT, Noel L Yap, 2000/10/25
  - Re: Security concern CVSROOT, Dale Miller, 2000/10/25

Prev by Date: Security concern CVSROOT
Next by Date: Re: problem with importing vendor sources
Previous by thread: Security concern CVSROOT
Next by thread: Re: Security concern CVSROOT
Index(es):
- Date
- Thread