> We continue to use CVS for various web pages because CVS is simple to > use and it works.
"simple to use" -- yes. "it works" -- I wouldn't say that of a program that is a security disaster. It clearly works, and works well. It is also trivial to secure. OpenCVS is well maintained, and in heavy use out on the big bad Internet, no need to fear monger. > Does use of CVS for them cause a concrete problem? Yes. It puts the developers' machines (and, with it, their SSH keys in ~/.ssh/ and their GPG keys in ~/.gnupg/) at risk. No, it does not.
