Mark D. Baushke [mailto:[EMAIL PROTECTED] wrote: > However, under the :pserver: method, the password is kept trivially > encoded both on your desktop (in $HOME/.cvspass) and on the server (in > CVSROOT/passwd). Just a minor correction: the passwords in CVSROOT/passwd are much more securely - CVSROOT/passwd uses the same encryption algorithm as is used for /etc/passwd (the documentation even mentions pasting the entries from /etc/passwd to CVSROOT/passwd).
Of course, the rest of the security chain contains all the other weak links you mentioned, so this does not affect any of the other concerns you raised. -- Jim Hyslop Senior Software Designer Leitch Technology International Inc. (<http://www.leitch.com/>) Columnist, C/C++ Users Journal (<http://www.cuj.com/experts>) _______________________________________________ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
