On Mon, Dec 15, 2003 at 10:24:47PM -0500, Derek Robert Price wrote: >Steve McIntyre wrote: > >>Derek, are you sure the simple fix in modules.c to check for >>!isabsolute() will fix the hole here? What about people specifying >>../../../../../../<something> ? Probably the easiest fix for that is >>to modify isabsolute() to check for .. entries in the path >>specified. >> >>Thoughts? > > >If you can send me a reproducible case where CVS doesn't abort with an >error, I'll be happy to look into it, but I am pretty sure CVS has been >catching the indirection case for years. Go ahead and try it.
Yup, you're right: tack:/tmp/test$ cvs -d /home/cvs co ../cvs/test cvs checkout: in directory ../cvs/test: cvs checkout: `..'-relative repositories are not supported. cvs [checkout aborted]: illegal source repository -- Steve McIntyre, Cambridge, UK. [EMAIL PROTECTED] We don't need no education. We don't need no thought control.
signature.asc
Description: Digital signature
_______________________________________________ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
