URL:
<http://savannah.nongnu.org/bugs/?func=detailitem&item_id=14900>
Summary: "cvs server" doesn't handle --allow-root
Project: Concurrent Versions System
Submitted by: None
Submitted on: Wed 11/02/05 at 05:27
Category: None
Severity: 3 - Normal
Item Group: None
Status: None
Privacy: Public
Assigned to: None
Open/Closed: Open
Release:
Fixed Release: None
Fixed Feature Release: None
_______________________________________________________
Details:
"cvs server" accepts, but doesn't handle --allow-root option.
This is rather critical issue for securing shell account via OpenSSH for
those, who should use only cvs service and nothing more.
There are several reports about this behavior and even some patches.
http://ioctl.org/unix/cvs/cvs.diff
http://lists.gnu.org/archive/html/bug-cvs/2002-11/msg00061.html
My host runs 1.12.9 and this restriction is not yet implemented. Do you plan
to integrate it? If the answer is yes then when?
Thanks.
_______________________________________________________
Reply to this item at:
<http://savannah.nongnu.org/bugs/?func=detailitem&item_id=14900>
_______________________________________________
Message sent via/by Savannah
http://savannah.nongnu.org/
_______________________________________________
Bug-cvs mailing list
[email protected]
http://lists.nongnu.org/mailman/listinfo/bug-cvs
