cvs + xinetd setgid problem
Derek Atkins
derek at ihtfp.com
Tue Feb 24 14:02:29 EST 2004
Why are you even trying to use 'pserver' for write operations? That's
a security hole waiting to bit you in the rear. You should only really
use pserver for read operations (i.e. anonymous cvs). IMHO it should not
be used for anything else.
You should use cvs over ssh for write access.
I'd also recommend you look into cvsd to limit your anon-cvs to a
chroot'ed environment.
-derek
Dan Barrett <nullpointer at pobox.com> writes:
> Folks,
> I'm trying to run a cvs respository on my Gentoo box. I've got xinetd
> running, with the cvspserver config (/etc/xinetd.d/cvspserver) looking like
> so:
[snip]
--
Derek Atkins 617-623-3745
derek at ihtfp.com www.ihtfp.com
Computer and Internet Security Consultant
More information about the Discuss
mailing list