[EMAIL PROTECTED] on 2000.08.09 14:38:14
>Someone might lie to me to get write access and then attack my box. Under
>my solution they don't get very far because they don't have a general
>shell: they're contained to changing the CVS repository, which I can
>quite easily detect by examining the diffs.
>
>Under your scheme they get a general shell without much effort and can
>do damn near what they please without me being able to detect anything.
When using SSH, the server can specify exactly what the client can do. Why not
just limit them to using "cvs server"?
>I'm Canadian. I'm just trying to point out that I have almost no recourse to
>go after someone who abuses my system if they happen to live in Russia
>or China or some other country with weak ties to Canada. Even if they
>do live in Canada and I can sue/charge them with something the odds are
>I'm not going to waste my time doing that--I'd rather have defended against
>the risk than have to sue them.
And how is pserver gonna help in this respect?
>You people are so wrapped up worrying about the authentication
>issues that you have completely overlooked all the real security
>issues facing a public CVS server.
>
>Running CVS inside a chroot is sensible whether you are authenticating
>with pserver, or ssh, or your magic green wand.
I don't think anyone is arguing against using chroot. People are arguing
against putting the chroot call within CVS.
Noel
This communication is for informational purposes only. It is not intended as
an offer or solicitation for the purchase or sale of any financial instrument
or as an official confirmation of any transaction. All market prices, data
and other information are not warranted as to completeness or accuracy and
are subject to change without notice. Any comments or statements made herein
do not necessarily reflect those of J.P. Morgan & Co. Incorporated, its
subsidiaries and affiliates.
