[EMAIL PROTECTED] on 2000.07.22 09:15:17 >>>>>> "NLY" == Noel L Yap <[EMAIL PROTECTED]> writes: > >NLY> How do you guarantee that CVSUSER is set properly (ie can't be >NLY> spoofed)? > >Because it is verified against CVSROOT/cvspasswd file (it is extended >and improved analog of CVSROOT/passwd from stock CVS). Each cvs user >has an entry there, with her very own password. > >NLY> PS I chose REMOTE_USER 'cos that's what Encommerce sets. I >NLY> haven't figured a way to spoof Encommerce's REMOTE_USER setting, >NLY> but, then again, I'm not an expert hacker. > >I just wanted to explicitly state that the value of CVSUSER is being >setup via pure CVS facilities, namely :pserver: auth protocol. They >are verified by separate binary, and only if they are verified, `cvs' >binary itself is run and uses it. I guess the ideal way is if CVS allowed for pluggable authentication. There'd be no need for my proposal and patch if this were the case. Noel This communication is for informational purposes only. It is not intended as an offer or solicitation for the purchase or sale of any financial instrument or as an official confirmation of any transaction. All market prices, data and other information are not warranted as to completeness or accuracy and are subject to change without notice. Any comments or statements made herein do not necessarily reflect those of J.P. Morgan & Co. Incorporated, its subsidiaries and affiliates.
- Re: Proposal: have client CVS send remote username to serv... Derek R. Price
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to... Alexey Mahotkin
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to... Alexey Mahotkin
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to... Alexey Mahotkin
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to serv... Derek R. Price
- Re: Proposal: have client CVS send remote username to serv... Derek R. Price
- Re: Proposal: have client CVS send remote username to serv... Derek R. Price
- how to specify the cvs client port - was: Re: Proposa... Eric Sommerlade
- Re: how to specify the cvs client port - was: Re:... Derek R. Price
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to serv... Noel L Yap
- Re: Proposal: have client CVS send remote username to serv... Derek R. Price