[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


From: Greg A. Woods
Subject: Re: CVS & SSL
Date: Tue, 22 May 2001 13:49:43 -0400 (EDT)

[ On Tuesday, May 22, 2001 at 00:44:41 (-0400), Derek R. Price wrote: ]
> Subject: Re: CVS & SSL
> > Why does this have to be made so "difficult"?
> Writing an RSH wrapper was my first idea.  It turned out to be difficult 
> because
> CVS expects RSH to handle the 'setuid' in this case.  This code will tunnel 
> an actual
> pserver connection with all that entails.

OH!  "Pserver!"  I see.   But that begs the question!  Why bother?
Seems silly to me to make a pserver connection "secure" when you can't
make pserver itself "secure".  There's no net gain in security.

However if you insist on going down this silly road, why not just run an
stunnel "server", just like one would do with ssh, and simply tell the
CVS client that your repository is ":pserver:address@hidden:/cvsroot"?
Seems like the only obvious way to go if you ask me....

Hacks to CVS itself are most definitely unnecessary.

                                                        Greg A. Woods

+1 416 218-0098      VE3TCP      <address@hidden>     <address@hidden>
Planix, Inc. <address@hidden>;   Secrets of the Weird <address@hidden>

reply via email to

[Prev in Thread] Current Thread [Next in Thread]