[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Can CVS run batch files?
From: |
TimC |
Subject: |
Re: Can CVS run batch files? |
Date: |
Sun, 06 Mar 2005 01:41:27 GMT |
User-agent: |
slrn/0.9.7.3 (Linux) |
On Wed, 02 Mar 2005 at 14:54 GMT, Jim.Hyslop (aka Bruce)
was almost, but not quite, entirely unlike tea:
> harry wrote:
>> I want to send a batch file via CVS and have CVS run it after it
>> has been downloaded to the client on the clients machine. Is it
>> possible to issue a command in CVS to run batch files or executables?
> No. This is a two-edged sword - it would be a useful feature to have (IIRC
> PVCS has, or used to have, this feature) but it's also a major security
> concern if a malicious user or virus hacks the batch file or exe on the
> server.
>
>> Any help would be greatly apreciated !!!
> You'll have to wrap your CVS in a batch file, and get your users in the
> habit of running the batch file instead of cvs.exe.
I was using this feature (Update.prog and Checkin.prog) to handle
symlinks when it was disabled last year due to the revelation that it
could be used in a malicious manner.
Since I am the only user of my repository, and there are access
controls in place to deny anyone else access to my repository, I found
this... a pain.
It would have been at least nice if the feature was turned off by
default, but had a switch to reenable it, along with a big bad warning
in the manpage saying when this feature shouldn't be used.
--
TimC -- http://astronomy.swin.edu.au/staff/tconnors/
DJ - "Isn't it pathetic to quote yourself?"
David Barnes - "No, not when you are as good as me"