Donald Sharp wrote:

> Derek -
>
> What would be the best way to approach this?
>
> 1) Modify the parsing of the CVSROOT to automatically take this into
> account, this would also include the traversal of symlinks.

This should be reasonable and might even fix a couple other bugs people
have reported in regards to repositories and symlinks. Care will probably
have to be taken that the comparison to --allow-root comes after the
parsing for security reasons, but things probably already happen that way.

> The problem
> that I have with this one is that I am not sure I understand the
> implications of how the CVSROOT is parsed depending on if the cvs
> process is in server mode or client mode.

I think the issue here is simply only to bother checking symlinks in the
:local: section of parse_cvsroot. I am almost certain that the server
parses the root like it is :local:.

> 2) Modify safe_location() to include a check for the mounted directory.
> This seems safest( and easiest ) to implement. Although I don't think
> that this check really belongs in safe_location().

I think you are correct about the check not belonging here, assuming no
problems arise with allowing the path reduction to take place in
parse_cvsroot.

Derek

--
Derek Price CVS Solutions Architect ( http://CVSHome.org )
mailto:[EMAIL PROTECTED] OpenAvenue ( http://OpenAvenue.com )
--
Man who run behind car get exhausted.

> donald
>
> On Thu, Mar 01, 2001 at 09:55:08AM -0500, Derek R. Price wrote:
> > Donald Sharp wrote:
> >
> > > The current implementation prevents via the safe_location() function
> > > ( in checkout.c ).
> > >
> > > safe_location() follows symlinks back to find the actual location. The
> > > problem that I am having is that repositories are not where they
> > > say they are due to mount issues.
> > >
> > > For Instance:
> > >
> > > One repository I have is at /nfs/swtrf/repository
> > > donsharp-u5:24> cd /nfs/swtrf/repository
> > > donsharp-u5:25> df -k .
> > > Filesystem            kbytes    used   avail capacity  Mounted on
> > > saba:/swtrf          8388608 3252424 4977952    40%    /auto/swtrf
> > > donsharp-u5:26> pwd
> > > /auto/swtrf/repository
> > > donsharp-u5:27>
> > >
> > > This causes the safe_location() check to not catch the fact that
> > > we really are inside of the repository.
> > >
> > > Would it be worthwhile to create a safer safe_location() that
> > > looks at mount points as well?
> >
> > Sure. Send me a patch. Make sure to include a test case that will fail
> > with the current CVS and passes with the new one. You can assume that the
> > test case is run in a directory it has write access to and which resides
> > on an NFS share. Create the link in tmp and test from there...
> >
> > Derek

_______________________________________________
Bug-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/bug-cvs
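
The path reduction discussed in this thread, as an added example that is not CVS source and not code from either poster: a containment check that fails when the root is compared textually under its alias name and succeeds once both paths are resolved with realpath() first. The function names and the temporary-directory fixture are assumptions made for illustration; a symlink stands in for the automounter alias (as in the test suggested above), and realpath() resolves symlink aliases only.

```c
#define _XOPEN_SOURCE 700   /* realpath, mkdtemp, symlink */
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Textual prefix test that only matches on a path-component boundary. */
int inside_textual(const char *root, const char *where)
{
    size_t n = strlen(root);
    return strncmp(root, where, n) == 0 && (where[n] == '/' || where[n] == '\0');
}

/* Same test after resolving both paths: 1 inside, 0 outside, -1 unresolvable
   (fail closed: the caller should refuse). */
int inside_canonical(const char *root, const char *where)
{
    char r[PATH_MAX], w[PATH_MAX];
    if (!realpath(root, r) || !realpath(where, w))
        return -1;
    return strcmp(r, "/") == 0 || inside_textual(r, w);
}

/* Constructed fixture: <tmp>/auto/repository is the real directory and
   <tmp>/nfs is a symlink to auto, standing in for the automounter alias. */
int demo(int canonical)
{
    char top[] = "/tmp/rootchk.XXXXXX";
    char real[64], alias[64], root[64], cwd[64];
    int res;

    if (!mkdtemp(top))
        return -1;
    snprintf(real, sizeof real, "%s/auto", top);
    snprintf(alias, sizeof alias, "%s/nfs", top);
    snprintf(cwd, sizeof cwd, "%s/auto/repository", top);   /* what pwd reports */
    snprintf(root, sizeof root, "%s/nfs/repository", top);  /* what CVSROOT says */
    if (mkdir(real, 0700) || mkdir(cwd, 0700) || symlink("auto", alias))
        return -1;
    res = canonical ? inside_canonical(root, cwd) : inside_textual(root, cwd);
    unlink(alias); rmdir(cwd); rmdir(real); rmdir(top);
    return res;
}

int main(void)
{
    printf("textual: %d, canonical: %d\n", demo(0), demo(1));
    return 0;
}
```

Any allow-list comparison of the root belongs after this resolution step, so that the value being authorised is the same one the containment check sees.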
