Re: Linux security issues as they pertain to CVS

[Derek R. Price]

"Greg A. Woods" wrote:

> [ On Saturday, May 26, 2001 at 03:07:20 (-0400), Larry Jones wrote: ]
> > Subject: Re: Linux security issues as they pertain to CVS
> >
> > Greg A. Woods writes:
> > >
> > > So, if you don't have root access then how the heck do you propose to
> > > implement CVS Pserver?!?!?!?  (Hint:  you cannot.)
> >
> > Of course you can.  All you need to do is run a private copy of inetd
> > (or whatever replacement you like) as a non-root user, have it run CVS
> > as the same non-root user, and use CVSROOT/passwd to map all valid CVS
> > users to that same non-root system user.  QED.
>
> Yeah, and there's "nc -l" too.  But is either going to work in a
> production environment in a development shop?  I doubt it....

Why not?


> I'll bet it'll bring any sane and knowledgeable security officer down so
> hard on your head too that you won't even know what hit you.

Why?

Derek

--
Derek Price                      CVS Solutions Architect ( http://CVSHome.org )
mailto:address@hidden         CollabNet ( http://collab.net )
--
170. If you try to fail, and succeed, which have you done?