On Fri, Aug 04, 2000 at 01:11:19PM -0400, Larry Jones wrote:
> Justin Wells writes:
> >
> > I've patched CVS 1.10.8 so that it supports a new command line option:
> >
> > cvs --chroot /some/chroot/root/
>
> Why do you want to add a command line option to CVS rather than just
> using /usr/sbin/chroot in inetd.conf to run CVS?
For a couple of reasons.
1) before you chroot you have to chdir, so it would actually require a
shell script. otherwise on many unixes there is a chdir hack that
allows you to break out of the chroot.
2) cvs pserver needs to run as root long enough to setuid/setgid, and i
wanted to add a line of code ensuring that that really happened. if
for some reason the setuid/setgid doesn't happen, and cvs is left
running as root, i want it to die before looking at any more user input.
3) this way the cvs binary does not have to live inside the chrooted area,
so you don't have to re-install cvs again if your system wide cvs
happens to have this '--chroot' flag.
And, really, the cost is not high. It was about a five line change.
Justin
