[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Patches: cvs --allow-root=/blah server

From: Larry Jones
Subject: Re: Patches: cvs --allow-root=/blah server
Date: Tue, 3 Apr 2001 11:39:50 -0400 (EDT)

Jan Grant writes:
> In riposte, can I ask: why does pserver need --allow-root?

Because pserver typically runs as root and uses the client-supplied root
to look for a CVSROOT/passwd file that says who's allowed to log in and
who they should run as.  If it weren't for --allow-root, someone with
access to the server machine could point pserver at an arbitrary root
directory that contains their own passwd file that lets them log in and
run as root (or anyone else, for that matter).  Because server runs as
the actual user from the start, it's not subject to that kind of a
security problem.

> (a) defense in depth; (b) paranoia; (c) it's simpler; (d) there's a
> limit to the number of groups that a person can be in*.

I don't find any of those arguments persuasive.

-Larry Jones

It's clear I'll never have a career in sports until I learn
to suppress my survival instinct. -- Calvin

reply via email to

[Prev in Thread] Current Thread [Next in Thread]