[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How best to secure CVS?
From: |
Greg A. Woods |
Subject: |
Re: How best to secure CVS? |
Date: |
Wed, 7 Nov 2001 19:46:44 -0500 (EST) |
[ On Wednesday, November 7, 2001 at 12:36:15 (-0800), Villalovos, John L wrote:
]
> Subject: How best to secure CVS?
>
> I was wondering if there was information out there on how best to secure
> CVS?
Use the ":ext:" method with SSH.
> How secure is the pserver mode?
Not. None. Zero. Zip.
> Can a user who has a CVS account gain root
> access on a system running pserver?
That's less likely, but not the real point of CVS security.
> I am not concerned with the passwords being passed in the clear because I am
> using STUNNEL for the pserver protocol.
That's only a very tiny part of the picture....
> How useful is it to setup a chroot environment?
Why bother? Give everyone real accounts and use accountability
mechanisms to ensure nobody does anything they shouldn't (at least not
without getting caught and properly reprimanded for).
--
Greg A. Woods
+1 416 218-0098 VE3TCP <address@hidden> <address@hidden>
Planix, Inc. <address@hidden>; Secrets of the Weird <address@hidden>