In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Larry Jones) writes:
> No, it's a bug -- in pserver, you shouldn't be allowed to init a root > other than the one you specified in the AUTH REQUEST (and the standard > CVS client won't ever try). I don't think that's a serious problem > since you won't be able to do anything else with the repository you > create, but you could mount a denial of service attack by using up all > the space on a disk creating bogus repositories. Of course, there are > lots of other ways to mount DOS attacks with CVS that don't require > bugs. I'm working on a fix. Agreed. There are many ways to DOS attacks, Modified request with very big (but compressed) file, for example. In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Larry Jones) writes: > Said fix is now checked in. Thank you. -- Tanaka Akira _______________________________________________ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
