[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security setup

From: Mike Ayers
Subject: Re: Security setup
Date: Thu, 19 Dec 2002 22:58:56 -0800
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2.1) Gecko/20021130

Larry Jones wrote:
Mike Ayers writes:

Let me make sure of this. You're saying that even when running only over ssh, in a jail, with a login shell of cvs, someone can still get shell access?

They can't actually get an interactive shell, but unless you criple CVS,
they can execute arbitrary commands, which is equivalent.

So call me "Tanya", hand me a crowbar, and point to the kneecaps! Are we talking crippling by configuration here - disallowing commit scripts and the like? That would be fine, since we want nothing but checkout, checkin, and accounting. Or will I need to do the dirty work inside the codebase, which would be less appealing?

 | anya

reply via email to

[Prev in Thread] Current Thread [Next in Thread]