[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CVS security audit?
From: |
Greg A. Woods |
Subject: |
Re: CVS security audit? |
Date: |
Mon, 22 Dec 2003 02:09:42 -0500 (EST) |
[ On Friday, December 19, 2003 at 21:00:46 (-0500), Larry Jones wrote: ]
> Subject: Re: CVS security audit?
>
> The objection is that CVS was never *designed*, or even *intended*, to
> be secure. An audit will affect my confidence not one whit -- it's
> sufficient to keep honest people honest, nothing more.
Indeed. I couldn't agree more.
Furthermore CVS was designed to use any sufficiently transparent remote
job execution protocol that could have a wrapper put around it such that
it works like rsh. What more could anyone ask for than to leave both
communications _and_ security to some other specialized tools?
--
Greg A. Woods
+1 416 218-0098 VE3TCP RoboHack <address@hidden>
Planix, Inc. <address@hidden> Secrets of the Weird <address@hidden>