So, if I understand you correctly, you're proposing to map a single user on the
server (connecting via SSH, RSH, or whatever) to many names within CVS, based on
the username seen by the client?
Derek
--
Derek Price CVS Solutions Architect
mailto:[EMAIL PROTECTED] OpenAvenue ( http://OpenAvenue.com )
--
Once at a social gathering, Gladstone said to Disraeli, "I predict,
Sir, that you will die either by hanging or of some vile disease".
Disraeli replied, "That all depends, sir, upon whether I embrace your
principles or your mistress."
Noel L Yap wrote:
> I was able to find the spot after all. To summarize, the patch will have the
> CVS server record the client username rather than the server username within the
> CVS logs. I have not added a new CVSROOT/config option. When using pserver,
> there'll probably be just a little bit of extra processing, but there should be
> no noticable difference (including in behaviour).
>
> I'll (try to) post a bunch of patches to SourceForge RCVS next week (yeah, yeah,
> I know I've been saying this for the last couple of weeks; but /this/ time I'm
> /really/ gonna do it ;-)
>
> Noel
>
> [EMAIL PROTECTED] on 06/16/2000 03:31:07 PM
>
> To: [EMAIL PROTECTED]
> cc: [EMAIL PROTECTED], [EMAIL PROTECTED]
> Subject: Re: Proposal: have client CVS send remote username to server CVS
>
> OK, I've decided to make such a patch. I'm not sure how to go about doing it,
> though. I can't find where in the code the client can send initial information
> (ie remote username) over to the server. Can anyone give me a pointer?
>
> Thanks,
> Noel
>
> [EMAIL PROTECTED] on 06/11/2000 09:55:55 AM
>
> To: [EMAIL PROTECTED]
> cc: [EMAIL PROTECTED] (bcc: Noel L Yap)
> Subject: Re: Proposal: have client CVS send remote username to server CVS
>
> [EMAIL PROTECTED] on 2000.06.10 19:23:23
> >Pserver authentication is completely adequate :) It just runs over the
> >insecure channel and has unclean mixage of various subsystems in its
> >current, non-nserver form.
>
> No, it's not, it's extremely prone to replay attacks and stolen .cvspass files.
> Furthermore, the encryption of the .cvspass file is reversible, meaning that,
> given a .cvspass file, /anyone/ can figure out the plaintext password.
>
> More than that, any code dealing with security _must_ be audited to ensure that
> it is secure. I don't think that's been done to any of the CVS code; I don't
> think it should be necessary.
>
> Besides, nserver doesn't address the concerns of those who want to use
> CVS_RSH=ssh.
>
> Noel
>
> This communication is for informational purposes only. It is not intended as
> an offer or solicitation for the purchase or sale of any financial instrument
> or as an official confirmation of any transaction. All market prices, data
> and other information are not warranted as to completeness or accuracy and
> are subject to change without notice. Any comments or statements made herein
> do not necessarily reflect those of J.P. Morgan & Co. Incorporated, its
> subsidiaries and affiliates.
>
> This communication is for informational purposes only. It is not intended as
> an offer or solicitation for the purchase or sale of any financial instrument
> or as an official confirmation of any transaction. All market prices, data
> and other information are not warranted as to completeness or accuracy and
> are subject to change without notice. Any comments or statements made herein
> do not necessarily reflect those of J.P. Morgan & Co. Incorporated, its
> subsidiaries and affiliates.
>
> This communication is for informational purposes only. It is not intended as
> an offer or solicitation for the purchase or sale of any financial instrument
> or as an official confirmation of any transaction. All market prices, data
> and other information are not warranted as to completeness or accuracy and
> are subject to change without notice. Any comments or statements made herein
> do not necessarily reflect those of J.P. Morgan & Co. Incorporated, its
> subsidiaries and affiliates.
