> There is no
> excuse for not using strong cryptographic security with CVS.  There is
> no excuse for building orthogonal protection mechanisms into any
> application, and most especially not one that offers public network
> services!

Except that doing it right is not the trivial job that you have
repeatedly said it is.  CVS requires the local operating system to do
all its authorization checks for it.  That means that you have to map
all remote users into a local identity.  Or, you have to trust the
server to (completely) mediate access to the objects that it is serving
up.  But, there are times when this is not feasible (or even possible),
and people do things like hack cvspasswd files, "triggers" in info
scripts, etc.

>  There are 20-30 years of history and science behind the
> development of safer ways to network and now with the likes of SSH we
> can deploy these techniques with *far* less cost than any *single* risk
> we would face by not deploying them.

As long as "all the world's a vax."  Or, at least, in my passwd
database...
        /r$
