[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CVS security audit?

From: Greg A. Woods
Subject: Re: CVS security audit?
Date: Mon, 22 Dec 2003 02:09:42 -0500 (EST)

[ On Friday, December 19, 2003 at 21:00:46 (-0500), Larry Jones wrote: ]
> Subject: Re: CVS security audit?
> The objection is that CVS was never *designed*, or even *intended*, to
> be secure.  An audit will affect my confidence not one whit -- it's
> sufficient to keep honest people honest, nothing more.

Indeed.  I couldn't agree more.

Furthermore CVS was designed to use any sufficiently transparent remote
job execution protocol that could have a wrapper put around it such that
it works like rsh.  What more could anyone ask for than to leave both
communications _and_ security to some other specialized tools?

                                                Greg A. Woods

+1 416 218-0098                  VE3TCP            RoboHack <address@hidden>
Planix, Inc. <address@hidden>          Secrets of the Weird <address@hidden>

reply via email to

[Prev in Thread] Current Thread [Next in Thread]