Larry Jones wrote:

> On Unix-like systems, same filesystem (i.e., partition) is all that's
> required; I don't know about other systems, though.  But given symbolic
> links (and mount points, if anyone's crazy enough to do that) within the
> repository,

On a side issue, there are security reasons to disallow symlinks to areas outside
the repository, aren't there?  Symlinks that lead outside the repository could be
used as a way around '--allow-root'.  Mount points, I would expect, are tough
enough to create that sysadmins can be trusted to track them.  Symlinks seem like
they should be double-checked by CVS, though.

I will admit that the only initial exploit I can think of requires shell access
or write access to CVSROOT, but the latter might be enough to bother some people.

Derek

--
Derek Price                      CVS Solutions Architect ( http://CVSHome.org )
mailto:[EMAIL PROTECTED]     OpenAvenue ( http://OpenAvenue.com )
--
I will not call the principal "spud head".
I will not call the principal "spud head".
I will not call the principal "spud head"...

          - Bart Simpson on chalkboard, _The Simpsons_




_______________________________________________
Bug-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/bug-cvs
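
The containment check suggested in the message above, sketched as an added example (not part of the original message and not CVS code): it walks a repository tree on a Unix-like system and reports symlinks whose resolved target falls outside the root. The function names and the sample tree are constructed for illustration.

```python
import os
import tempfile


def is_within(root, path):
    """True if path, after resolving every symlink, stays under root."""
    root = os.path.realpath(root)
    target = os.path.realpath(path)
    # commonpath compares whole components, so /repo-old is not "inside" /repo.
    return os.path.commonpath([root, target]) == root


def escaping_symlinks(root):
    """Return sorted (link, resolved_target) pairs for symlinks leaving root."""
    found = []
    # followlinks=False: report a link to an outside directory, do not descend into it.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) and not is_within(root, full):
                found.append((os.path.relpath(full, root), os.path.realpath(full)))
    return sorted(found)


def build_constructed_tree(base):
    """Constructed sample layout: one internal link, two links that escape."""
    repo = os.path.join(base, "repo")
    outside = os.path.join(base, "repo-old")  # shares the string prefix of repo
    os.makedirs(os.path.join(repo, "CVSROOT"))
    os.makedirs(os.path.join(repo, "module"))
    os.makedirs(outside)
    os.symlink(os.path.join(repo, "module"), os.path.join(repo, "alias"))
    os.symlink(outside, os.path.join(repo, "module", "legacy"))
    os.symlink("../../repo-old", os.path.join(repo, "module", "rel"))
    return repo


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        for link, target in escaping_symlinks(build_constructed_tree(base)):
            print(f"{link} -> {target}")
```

A scan like this is a point-in-time audit; anyone who can still write to the tree can add a link after it runs, so enforcement would need the same containment test at the moment a path is opened.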
