=================== Bug #7: Latest Modifications ==================
http://savannah.gnu.org/bugs/?func=detailbug&bug_id=7&group_id=11
Changes by: Loic Dachary <[EMAIL PROTECTED]>
Date: 2002-Apr-29 18:27 (GMT)
What | Removed | Added
---------------------------------------------------------------------------
Resolution | None | Fixed
Status | Open | Closed
------------------ Additional Follow-up Comments ----------------------------
The patch was applied and tested for a while. It is now
activated by default for all pserver sessions. The
documentation http://savannah.gnu.org/savannah.html was updated to reflect the
change. The old cvs server was backed up in /usr/bin/cvs-2002-04-20 in case
something really bad happens.
=================== Bug #7: Full Bug Snapshot ===================
Submitted by: ljulliar Project: savannah
Submitted on: 2002-Apr-19 14:15
Category: CVS Severity: 9 - Blocker
Priority: Low Bug Group: None
Resolution: Fixed Assigned to: loic
Status: Closed Effort: 5.00
Summary: Potential overflow on CVS server command line
Original Submission: Savannah currently uses a standard cvs server. All the
allowed root files are therefore passed as a lonmg series of "--allow-root
/cvsroot/foo" options.
On Linux the size limit for a command line is 64 KBytes so at about say 40
chars per option, the command overflow will show up when we'll approach 1600
projects.
Follow-up Comments
*******************
-------------------------------------------------------
Date: 2002-Apr-29 18:27 By: loic
The patch was applied and tested for a while. It is now
activated by default for all pserver sessions. The
documentation http://savannah.gnu.org/savannah.html was updated to reflect the
change. The old cvs server was backed up in /usr/bin/cvs-2002-04-20 in case
something really bad happens.
-------------------------------------------------------
Date: 2002-Apr-22 07:21 By: lo-lan-do
You could also check out a patch I submitted to the upstream maintainers of
CVS. This patch adds a "--allow-root-regexp" command line option, allowing you
to specify, for instance, "/var/lib/savannah/cvsroot/.*" as allowed cvsroots.
I can't remember the URL offhand, but it seemed to work, and it should be
included in the next release of CVS.
-------------------------------------------------------
Date: 2002-Apr-20 22:20 By: loic
Applied the patch. A test server is available on port 2402.
cvs -d :pserver:[EMAIL PROTECTED] co uri
-------------------------------------------------------
Date: 2002-Apr-19 14:22 By: ljulliar
I have already fixed this problem for CodeX at Xerox. We just need to apply a
little patch to cvs (see attachement) which creates a new option called
"--allow-root-file filename" where the file contains a list of allowed cvs root.
This file of allowed cvs roots will be generated by the Savannah background
daemon.
For detailed info, follow this link:
http://savannah.gnu.org/bugs/?func=detailbug&bug_id=7&group_id=11
