Larry Jones wrote:
> Mike Castle writes:
> >
> > I was always under the impression the those using OpenBSD were doing so for
> > security reasons. And pserver is far from secure!
>
> As long as all the users have shell accounts on the server, a typical
> pserver installation won't allow them to do anything they couldn't do
> from the shell account. pserver is only a security problem when you
> want to allow access to untrusted users.
That's assuming that the user can't write to the CVSROOT directory. Anyone who
can write or overwrite the CVSROOT/passwd file can give themselves root if your
cvs installation is running as root. If you run pserver as some other user
that's not a problem.
Derek
--
Derek Price CVS Solutions Architect ( http://CVSHome.org )
mailto:[EMAIL PROTECTED] OpenAvenue ( http://OpenAvenue.com )
--
Travel advisories - Alaska: Tourists are warned to wear tiny bells on
their clothing when hiking in bear country. The bells warn away MOST
bears. Tourists are also cautioned to watch the ground on the trail,
paying particular attention to bear droppings, to be alert for the
presence of Grizzly Bears. One can tell Grizzly droppings by the tiny
bells in them.
_______________________________________________
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs