On 01/24/08 15:28:55, Todd Denniston wrote:
>> I prefer something like the pserver protocol because it has
>> per repository access control that is separate from the system's
>> idea of users and groups, and it makes it possible to manage
>> CVS access using CVS-related files/tools only.
>>
>
> Which if I recall correctly folks over the years have indicated are weak at
> best.
> And you are thinking about allowing read access to the _REAL_ repository
> from _anonymous_ users using pserver????

Actually, I'm reconsidering that policy. I'm gravitating towards rsyncing a read-only copy (of the public source code tree) over to the firewalled server, and letting anoncvs have at it.

>
> At least with ssh you might be able (using ssh restrictions) to restrict
> them to only being able to execute cvs.
> http://lists.gnu.org/archive/html/info-cvs/2004-05/msg00158.html
> http://lists.gnu.org/archive/html/info-cvs/2005-08/msg00204.html

Yup. We already do that.

>
>>> If you need to get fancier then use the cvsacls script from the contrib
>>> directory.
>>
>> I looked at that and a few other add ons. Seemed somewhat clunky
>> and complex.
>
> because CVS (including the pserver portion) was never designed as a secure
> application, the OS was to take care of that.
> http://lists.gnu.org/archive/html/info-cvs/2004-01/msg00252.html

Thanks for the pointer. An interesting thread. The author is clearly against wide use of pserver for a number of persuasive reasons. Perhaps, we'll just gravitate back to our current :ext:server:+ssh approach and learn to better appreciate its virtues.

> CVSNT _may_ be a bit better about the security, because they have been
> working on several methods for authentication.

If it requires its own clients that won't work well for us. The fact that we've stayed with cvs is mainly because of its ubiquity.

- Gary
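
The ssh restriction discussed in the thread (limiting a key to executing cvs only) can be done with an sshd forced command. The wrapper below is an added example, not part of the original messages and not either poster's actual setup; the install path /usr/local/bin/cvs-only, the function names and the key placeholder are assumptions.

```shell
#!/bin/sh
# Added example (not from the original thread): forced-command wrapper that
# lets an SSH key run the CVS server and nothing else.
#
# Assumed install path /usr/local/bin/cvs-only (hypothetical), referenced from
# ~/.ssh/authorized_keys on the CVS host; the key below is a placeholder:
#   command="/usr/local/bin/cvs-only",no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-ed25519 <PUBLIC-KEY> dev@example
#
# sshd runs the forced command instead of what the client asked for and
# passes the client's request in SSH_ORIGINAL_COMMAND. A CVS client using
# :ext: over ssh requests exactly "cvs server".

# Succeed only when the requested command is exactly "cvs server".
# Exact match, not prefix match: "cvs server; sh" must be refused.
cvs_command_allowed() {
    [ "$1" = "cvs server" ]
}

# Decide on a request: prints "allow" or "deny" and logs denials to stderr.
cvs_only_decide() {
    if cvs_command_allowed "$1"; then
        echo allow
    else
        # SSH_CLIENT is set by sshd: "<client ip> <client port> <server port>".
        echo "cvs-only: refused '${1:-<interactive login>}' from ${SSH_CLIENT:-unknown}" >&2
        echo deny
    fi
}

# Entry point: hand over to the CVS server or fail the session.
cvs_only_main() {
    if [ "$(cvs_only_decide "${SSH_ORIGINAL_COMMAND:-}")" = allow ]; then
        exec cvs server
    fi
    return 1
}

# Run only when installed under the assumed name, so the file can be sourced.
case "${0##*/}" in
    cvs-only) cvs_only_main ;;
esac
```

Clients that set CVS_SERVER to something other than cvs send a different command string and are refused by the exact match.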
