Re: Proposal: have client CVS send remote username to server CVS

[Noel L Yap]

[EMAIL PROTECTED] on 2000.07.24 17:16:40
>> Yes, mapping several users to one system user (while CVS remembers the real
>> username) is what I'm trying to achieve.  I guess my proposal pushes the
>> authentication responsiblity onto the client machine.
>
>You proposal seems to push some of the chore of authentication to the client,
>but it still trusts users not to replace their version of CVS with the
>hypothetical hacked version which sends whatever user ID the user likes, so
>security isn't maintained.

And hence my point that developers must be trusted.  In fact, this is a basic
philosophy of CVS.

Noel



This communication is for informational purposes only.  It is not intended as
an offer or solicitation for the purchase or sale of any financial instrument
or as an official confirmation of any transaction. All market prices, data
and other information are not warranted as to completeness or accuracy and
are subject to change without notice. Any comments or statements made herein
do not necessarily reflect those of J.P. Morgan & Co. Incorporated, its
subsidiaries and affiliates.