cvs history // cvs log

info but do not seemd to be able to get a date sorted list with the comit messages using either cvs log or cvs history cvs history -c -uME would be perfect if I could just get the message for each one of these commit messages.   Anybody know a combination to get cvs history to spill messages for

cvs update: cvs server: ignoring . (CVS/Repository missing)

Hi, I am using Concurrent Versions System (CVS) 1.11.1p1 (client/server) on client and server. Both talk over ssh. Platform is RH7.0 with the rpm from cvshome Cvs {import,co,add,commit} work as expected, only cvs update behaves strangely: [heikor@pc-heiko /tmp]$ ls test ls: test: No such

Re: cvs update: cvs server: ignoring . (CVS/Repository missing)

Heiko Rupp wrote: > > [heikor@pc-heiko test]$ cvs update -PdA > cvs server: ignoring . (CVS/Repository missing) > [heikor@pc-heiko tmp2]$ ls -ls CVS > total 12 > 4 -rw-r--r--1 heikor users 83 Jun 27 18:09 Entries > 4 -rw-r--r--1 heikor users

Re: cvs update: cvs server: ignoring . (CVS/Repository missing)

Heiko Rupp writes: > > [heikor@pc-heiko /tmp]$ ls test > ls: test: No such file or directory > [heikor@pc-heiko /tmp]$ cvs co test > cvs server: Updating test > cvs server: Updating test/heikor > cvs server: Updating test/heikor/tmp > U test/heikor/tmp/bar.c > U test

Re: cvs update: cvs server: ignoring . (CVS/Repository missing)

Larry Jones wrote: > Heiko Rupp writes: > >>[heikor@pc-heiko /tmp]$ ls test >>ls: test: No such file or directory >>[heikor@pc-heiko /tmp]$ cvs co test > > Is test defined in your modules file or is it just a directory in the > repository? It wasn't at t

Re: cvs update: cvs server: ignoring . (CVS/Repository missing)

Hi, to followup on myself: Heiko Rupp wrote: > on client and server. Both talk over ssh. Platform is > RH7.0 with the rpm from cvshome This seems to be a RedHat 7.0 problem. A cvs binary built from source shows the same behaviour. Also the sanity.sh shows errors. The same source co

CVS - CVS WebEdit, user problem

Our Software/OS Configurations/Settings RedHat 7.0 CVS 1.11 CVSWebEdit (lastest) Apache Server (version -comes with RedHat 7.0) We followed the instructions in this link to install/configure CVS: "http://www.devguy.com/fp/cf

[info-cvs] cvs rtag -a

I'm using RedHat 7 linux (cvs 1.10.8). I have found that cvs rtag -a does not actually do what it says it does. We create a static build tag every day when we build, say "Build0314", which points to the source at 12:30pm. We then do our builds, fix any errors, commit any changed

CVS/ENTRIES and cvs release

Title: Blank CVS running on Unix [Solaris] Suppose you have a subdirectory in your working copy that you no longer wish to keep under cvs control. cvs release foo    [where foo is the said directory] rm -rf foo   Later on, you wish to run cvs status, but the stat aborts because foo

Re: cvs history // cvs log

I'm not going to test this, but something like this: cvs co .# get a full repository cvs history -c -u$USER -Dyesterday >tmp$$.txt outfile=lineitems-`date +%Y%m%d`.txt while read line; do echo $line >>$outfile revision=`echo $line |

cvs rtag vs cvs tag

Currently we do development on a branch and then merge individual changes onto the branch. We use a branch tag, lets call "codeline-branch". Each night, we perform a build and then tag the build with a static tag: "codeline-static-DATE". What is the difference between

[Info-cvs] run cvs standalone?

I'd like to install cvs on my hosted website where I dont have access to inetd.conf and I can't run cvs as root. Is there another way to run the cvs server so I can access it remotely using my maccvs pro client? Seth _______ Info-cvs ma

[Info-cvs] CVS loginfo bug

I have a little script I run from loginfo which looks like the below. I gives me a "waiting for (current user)'s lock" error when I run CVS on the server machine locally. It is OK on a remote client. If I use "sh" instead of "bash" to run the script from logi

CVS

Hi All   I’ve configured a CVS repository. I want to give the rights for multiple users for the same repository. So that I can track which user has made the changes? Is it possible? Is yes, How to configure it? Please help me.   Thanks Ramesh S   Scape Velocity, Inc

cvs

hi i have the main trunk where i have 5 files with differnet versions as of now. how should checkout a file with the version which i want into working copy thanking you sudarshan ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org

CVS

Hello,   I wonder if you can help me with a sticky CVS question! We've been using CVS for quite a while now under Linux to keep track of changes on one of our main projects, and it is very good. However, one feature we would love to have, but can't seem to find, is more informat

CVS

sir, I have never used CVS before. i would like you to provide me information on the issues What is the difference between CVS and CVSNT.(apart from that for NT u need to have nt as server) To run CVS what is the server requirement and client requirement?? What are open soureprojects (like

CVS

> Can you review the attached list and tell me how CVS fairs in regard > to the characteristics we are looking for in a source management system?? > Thanks ! > ><> > > > Randy Weigers > RedSiren Technol

CVS

hi all, Trying to configure cvs with apache. any pointers to documents or tips .. AIX4.3.3 CVS apache .. thanks Shekhar. ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs

CVS

Hi All, I'm new to CVS and plan to use it for my next project but currently the CVS server only available in unix version. So, I was wondering is there a version of CVS (server not client) written entirely in Java. If not, does OpenAvenue has any plan for it? Note: I don't have any

cvs

Hello all, I am new to CVS, i have linux fedora core 3 evry time i try to checkout the project i bokmme this error i use eclipse sdk 3.01 , can anyone tel me what is the problem Authentication error: com.jcraft.jsch.JSchException: Session.connect: java.net.SocketException: Network is unreachable

cvs

Dont know if you can help but would be great if you can, my cvs on mandrake is running but i am unable to set the required permission to access it from eclipse. If I set the root/tmp by using chmod 1777 then i hav permission to access my data on the repositort\y but i perferibly dont want to

cvs -n update vs cvs diff

Some of the people I work with have noticed some discrepancies between "cvs -n update" and "cvs diff", in the number of files reported changed. Typically cvs -n update reporting a subset of files compared the list of files that cvs diff reports differences. Any ideas or sugge

cvs problem under cygwin, cvs documentation

Although we have a moderately good workaround (an old version of cvs compiled up), we have a long-standing problem with cvs in Cygwin that I'm looking into finally. We get responses like: $ /usr/bin/cvs update [EMAIL PROTECTED]'s password: ' from cvs servern

CVS support for /cvs rm -rf/???

Title: Blank Am trying to figure out the best way to transport full directory hierarchies into the Attic.  If I were to do the following::   $:  rm -rf modulename [except CVS dirs] $:  cvs -rm -rf modulename $:  cvs ci -m "removed directory"  modulename   We would like to do some

Re: CVS/ENTRIES and cvs release

Shawn Anderson writes: > > Suppose you have a subdirectory in your working copy that you no longer wish > to keep under cvs control. > > cvs release foo[where foo is the said directory] > rm -rf foo > > Later on, you wish to run cvs status, but the stat a

Re: CVS/ENTRIES and cvs release

Shawn, I've found "cvs release" rather useless except when releasing the entire working directory. If I want to get rid of a directory in my working directory I ususally do the following, which updated the CVS/Entries file correctly: cvs update -r 0 -P directory_to_remove One

Re: cvs rtag vs cvs tag

do development on a branch and then merge individual changes > onto the branch. We use a branch tag, lets call "codeline-branch". Each > night, we perform a build and then tag the build with a static tag: > "codeline-static-DATE". > > What is the difference betwe

[Info-cvs] CVS with proxy server

Hi there Does any one know how to use the cvs with a proxy server. Where I want to build the mozilla on Linux Redhat 6.2 And I want to set the cvs to be working with proxy server. Please send me if YOU know any thing

Re: [Info-cvs] run cvs standalone?

[ On Monday, September 18, 2000 at 16:06:10 (-), Seth Tager wrote: ] > Subject: [Info-cvs] run cvs standalone? > > I'd like to install cvs on my hosted website where I dont have > access to inetd.conf and I can't run cvs as root. Is there another > way to run the c

Re: [Info-cvs] run cvs standalone?

>[ On Monday, September 18, 2000 at 16:06:10 (-), Seth Tager wrote: ] >> Subject: [Info-cvs] run cvs standalone? >> >> I'd like to install cvs on my hosted website where I dont have >> access to inetd.conf and I can't run cvs as root. Is there another &

[Info-cvs] Re: run cvs standalone?

[ On Monday, September 18, 2000 at 13:58:23 (-0700), Richard Wesley wrote: ] > Subject: Re: [Info-cvs] run cvs standalone? > > Except that he wants to use MacCVS Pro, probably for Macintosh > development, and a shell account will not help him there. Well obviously I don't kno

[Info-cvs] Re: run cvs standalone?

>[ On Monday, September 18, 2000 at 13:58:23 (-0700), Richard Wesley wrote: ] >> Subject: Re: [Info-cvs] run cvs standalone? >> >> Except that he wants to use MacCVS Pro, probably for Macintosh >> development, and a shell account will not help him there. > >

Re: [Info-cvs] run cvs standalone?

Yes, I have a shell account and I've installed cvs myself. I use ssh to access my shell account. The last part of the installation that I'm interested in is setting up a server daemon so I can log into the cvs server using a gui cvs client like MacCVS Pro 2.5. The manul talks about

Re: [Info-cvs] run cvs standalone?

This whole stuff is OT here and has almost nothing to do with CVS itself. It's just about networking. On Tue, Sep 19, 2000 at 09:41 -0700, Seth Tager wrote: > > Yes, I have a shell account and I've installed cvs myself. I > use ssh to access my shell account. [ ... ] > &

Re: [Info-cvs] CVS loginfo bug

I can't imagine that a script that doesn't use CVS commands or create the lock files explicitly would cause this problem. Are you sure you're not running two invocations of CVS? Maybe something about your script hangs in BASH and you ran CVS again without killing the old

Re: [Info-cvs] CVS loginfo bug

M 9/20/00 -0400, you wrote: >I can't imagine that a script that doesn't use CVS commands or create the >lock files explicitly would cause this problem. Are you sure you're not >running two invocations of CVS? Maybe something about your script hangs in >BASH and yo

Re: CVS Pragma - extensibility for CVS

This is such a GREAT idea!!! Could it PLEASE become part of the mainstream?!? I was planning to add subcommands to CVS, but dread having to change the client, since I have no clue how to rebuild it like I can the server side. With this feature I can just add scripts. For example, when

Re: CVS Pragma - extensibility for CVS

--- In [EMAIL PROTECTED], [EMAIL PROTECTED] wrote: > > This is such a GREAT idea!!! Could it PLEASE become part of the > mainstream?!? I was planning to add subcommands to CVS, but dread having to > change the client, since I have no clue how to rebuild it like I can the &

Re: CVS Pragma - extensibility for CVS

CVS maintainers? What would it take for you to consider it? One change I might be tempted to make now would be to change the command. You know, something like 'cvs x command' might be tidier. Best regards, Martin. --- [EMAIL PROTECTED] wrote: > > This is such a GREAT idea!!!

Re: CVS Pragma - extensibility for CVS

On Tue, Oct 10, 2000 at 05:12:43PM -, Martin Cleaver wrote: > > This is such a GREAT idea!!! Could it PLEASE become part of the > > mainstream?!? I was planning to add subcommands to CVS, but dread > having to > > change the client, since I have no clue how to reb

CVS Development connected to CVS production

onment which is located at another server. How should the root reposistory in the developing be connected to the root repository in the production environment? Can you have clients with the the developing environment as root repository and then view the cvs source at developing as a client to

[PATCH] cvs list and cvs rlog

On the 16th of last month, Peter Bowen posted a patch on the info-cvs-request list that provided a new command, "cvs list". Unfortunately, that patch has a bug (try "cvs ls -a CVSROOT" on a new repository). "cvs list" is a very useful command, but you still can

Win32 cvs client - Unix cvs server

Hi, The FAQ says that Win32 cvs clients don't get along with Unix cvs servers, and the mix should be avoided. Is that advice still correct ? I have cvs-1.11.19 (binaries obtained from cvshome website) on my Windows 2000 box, and I have cvs-write permission to a sourceforge project.

CVS vs ClearCase, was RE: cvs -n update vs cvs diff

you could build, label (tag), branch, merge and do everything within the same workspace. How does CVS differ from that model? It would really help me out if somebody could provide some direction on this. I keep stumbling over the differences between how CVS and ClearCase handles these thing. ---

Re: CVS vs ClearCase, was cvs -n update vs cvs diff

On Tue, 22 Oct 2002, Johnson, Susan wrote: > I'm used to ClearCase, where a person worked within a > dynamic view and you could build, label (tag), branch, > merge and do everything within the same workspace. > > How does CVS differ from that model? In that it does not have

Re: cvs update (cvs status shows CVS/Entries cached date/time)

Jayashree wrote: > > Hi, > > $cvs status a.c > File: a.cStatus: Locally Modified >Working revision:1.40Mon Sep 2 20:46:00 2002 >Repository revision: 1.40/home/cvs/a.c,v > > What does the time stamp " Mon Sep 2 20:46:00 2002"

Re: CVS vs ClearCase, was RE: cvs -n update vs cvs diff

--- "Johnson, Susan" <[EMAIL PROTECTED]> wrote: > I'm used to ClearCase, where a person worked within > a > dynamic view and you could build, label (tag), > branch, > merge and do everything within the same workspace. > > How does CVS differ from that

Re: CVS vs ClearCase, was RE: cvs -n update vs cvs diff

[ On Tuesday, October 22, 2002 at 14:01:12 (-0700), Johnson, Susan wrote: ] > Subject: CVS vs ClearCase, was RE: cvs -n update vs cvs diff > > How should a working directory be used? What should > be done within it, and what should be done in a > separate working directory? Well

cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

>>>>> "GAW" == Greg A Woods <[EMAIL PROTECTED]> writes: >> http://alexm.here.ru/cvs-nserver/ >> That looks like a really good idea. GAW> Be warned that if used in the scenario where it provides "virtual GAW> repositories" it suf

Re: cvs -n update vs cvs diff

On Mon, 21 Oct 2002, David A Uebele wrote: > Date: Mon, 21 Oct 2002 10:48:13 -0700 (PDT) > From: David A Uebele <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: [info-cvs] cvs -n update vs cvs diff > > Some of the people I work with have noticed > some discrepan

Re: cvs -n update vs cvs diff

Kaz Kylheku said something close to this: > > > Some of the people I work with have noticed > > some discrepancies between "cvs -n update" and "cvs diff", > > in the number of files reported changed. > > cvs -n update shows you what has changed in t

Re: cvs -n update vs cvs diff

onna skip this block for years. -- Calvin _______ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs

RE: cvs -n update vs cvs diff

sage message output by 'cvs diff --help' (and of course in the manual). All the best Kris Thielemans (kris.thielemans ic.ac.uk) Imaging Research Solutions Ltd Cyclotron Building Hammersmith Hospital Du Cane Road London W12 ONN, United Kingdom web site address: htt

RE: cvs -n update vs cvs diff

s before. I think it > would be helpful for a > lot of users to make this *very* explicit in the > usage message output by > 'cvs diff --help' (and of course in the manual). Most of the time, developers care about the changes they've made, not what changes others have ma

RE: cvs -n update vs cvs diff

[ On Tuesday, October 22, 2002 at 16:17:25 (+0100), Kris Thielemans wrote: ] > Subject: RE: cvs -n update vs cvs diff > > > By default, diff compares against the version you checked out. If you > > want to compare against the top of the tree, you have to specify -r > > H

Re: cvs problem under cygwin, cvs documentation

I wrote: > Although we have a moderately good workaround (an old version of cvs > compiled up), we have a long-standing problem with cvs in Cygwin that > I'm looking into finally. We get responses like: In case you didn't see my other warning post, I'll repeat it her

Re: cvs problem under cygwin, cvs documentation

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: >Although we have a moderately good workaround (an old version of cvs >compiled up), we have a long-standing problem with cvs in Cygwin that >I'm looking into finally. We get responses like: > My Cygwin

Re: cvs problem under cygwin, cvs documentation

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: >Concurrent Versions System (CVS) 1.11.6 (client/server) P.S., 1.11.6 is getting pretty old. You should consider upgrading to 1.11.14. A lot of bug fixes have gone in since 1.11.6, some specific to Cygwin, at least

Re: [Freepos-cvs] cvs and gnats link?

course. This sweeping bureacracy change is to include a bug > tracking system. I've been looking at GNATS and would like to know if CVS > and GNATS can be linked. From a developer standpoint, it would be most > convenient and less error prone to type the same information once rather >

Migrating from CVS 1.9 to CVS 1.11

Hi, I am planning to move the repository which was using CVS 1.9 to CVS 1.11. Do I need to do anything to make the repository compatible with the new version other than just moving the repository?. Thanks inadvance, -Raghav ___ Info-cvs mailing

BUG in "cvs сo -r" (CVS 1.11.0)?

Hello, I tried a "cvs co -r mytag myproj" and receive the following: cvs [checkout aborted]: cannot open directory .../CVS/mypoj/Attic: Not a directory It is true -- since i have deleted nothing in myproj yet, i don't have Attic in it. But why is it impossible to checkout a tag

CVS/Entries error when issuing CVS commands

Hello: I am having trouble accessing a remote repository in CVS. The access method I am using is :pserver. I have everything set up on the server correctly, but I am not sure about the client. I am logging on to the remote server/repository successfully, but when I try to use the "add&

Re: [info-cvs] Re: cvs vs. perforce

On Fri, 29 Mar 2002, Eivind Eklund wrote: > Things Perforce are better at than CVS: > - Maintaining metadata. Perforce handles more kinds of metadata than > CVS; for instance, a commit is a single unit, and is not spread > across different files. The inform

Linking CVS repositories to other CVS repositories

I need to know the best way to create links in CVS repositories. Specifically, can I construct links such that a module can be linked within another module and be checked out as a subdirectory. Here is an example of my situation. Say I have two modules, A and B. Both modules reside in their

cvs ci, cvs upd: Hard linkage problem

Hey all, got a quick one now. My Linux pserver reports *all* the time: cvs update: unknown_icon.gif: hard linkage of 1.1.1.1 and working file do not match (Obviously the file names and revisions vary *grin*) It sais this as well, when I want to commit something to the Repo. Running Suse 6.2

Re: CVS support for /cvs rm -rf/???

Shawn Anderson writes: > BlankAm trying to figure out the best way to transport full directory > hierarchies into the Attic. If I were to do the following:: > > > > $: rm -rf modulename [except CVS dirs] > > $: cvs -rm -rf modulename > > $: cvs ci -m "

Re: CVS support for /cvs rm -rf/???

> Shawn Anderson writes: >... trying to figure out the best way to transport full directory > hierarchies into the Attic. There's a very easy way: cvs co directory_to_remove cvs rm -f directory_to_remove

Re: CVS support for /cvs rm -rf/???

> > Shawn Anderson writes: > >... trying to figure out the best way to transport full directory > > hierarchies into the Attic. > > There's a very easy way: > > cvs co directory_to_remove > cvs rm -f directory_to_remove > > > >

Re: CVS support for /cvs rm -rf/???

If you're client is running under unix, you can do something like: find . -prune CVS -type f -exec rm \{} ; cvs remove \{} \; Rex. Shawn Anderson <[EMAIL PROTECTED]> on 07/07/2000 08:59:13 AM To: CVS ListServe <[EMAIL PROTECTED]> cc:(bcc: Rex Jolliff/YM/RWDO

Re: cvs-nserver and latest CVS advisory

[ On Wednesday, August 9, 2000 at 09:02:09 (-0400), Noel L Yap wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS >chroot) > > From (the little of) what I understand of nserver, it separates out the > authentication from CVS. This

Re: cvs-nserver and latest CVS advisory

send a bug report, whatever to the cause of this state of affairs? > Not to mention trusting the users. I don't trust them. I don't actually > see ssh as significantly increasing my security because even with maximal > security between the user and the server, I still don't

Re: cvs-nserver and latest CVS advisory

[ On Wednesday, August 9, 2000 at 11:18:56 (-0600), Tobias Weingartner wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory > > Then you are screwed. CVS was never meant to be used in this fashion. If you > read the original paper, I believe that it basically says that in a

Re: cvs-nserver and latest CVS advisory

On Wednesday, August 9, Greg A. Woods wrote: > [ On Wednesday, August 9, 2000 at 11:18:56 (-0600), Tobias Weingartner wrote: ] > > Subject: Re: cvs-nserver and latest CVS advisory > > > > Then you are screwed. CVS was never meant to be used in this fashion. If you > >

Re: cvs-nserver and latest CVS advisory

I still don't trust the user. > > Then you are screwed. CVS was never meant to be used in this fashion. Actually it's worked out quite well. As Greg pointed out there are two kinds of trust: Human "I trust you" trust: I trust my users in this sense, by handing

Re: cvs-nserver and latest CVS advisory

[ On Wednesday, August 9, 2000 at 19:48:24 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory > > My requirement is that if someone proves to be untrustworthy I want > to be able to disable their access to the box and undo whatever it > is that they&

Re: cvs-nserver and latest CVS advisory

[ On Wednesday, August 9, 2000 at 16:15:47 (-0600), Tobias Weingartner wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory > > On Wednesday, August 9, Greg A. Woods wrote: > > [ On Wednesday, August 9, 2000 at 11:18:56 (-0600), Tobias Weingartner wrote: ] > > >

Re: cvs-nserver and latest CVS advisory

chroot (or better > > yet, jail(2) on FreeBSD). > > You cannot have accountability with cvspserver, at least not without > voiding your warranty and running CVS as root for a bit I personally estimate my own risks as being like this: 90%: I give a password to someone who turns out

Re: cvs-nserver and latest CVS advisory

[EMAIL PROTECTED] on 2000.08.10 02:57:51 > 90%: I give a password to someone who turns out to be nasty and >they try to do something unpleasant to my archive This can happen with SSH as well. >8%: Someone sniffs a CVS password somewhere > >2%: Someone

Re: cvs-nserver and latest CVS advisory

[ On Thursday, August 10, 2000 at 02:57:51 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory > > Having a chrooted pserver actually eliminates far more risk than a > non-chrooted ssh solution would. The ssh solution would substantially > improve

Re: cvs-nserver and latest CVS advisory

On Thu, Aug 10, 2000 at 11:40:41AM -0400, Noel L Yap wrote: > Also, how do you know who did what when users aren't "really" authenticated? > For example, using your numbers, there's a 1 out of 10 chance > (fairly high in my opinion), that someone can pose as someone else. Where does this 1 in

Re: cvs-nserver and latest CVS advisory

[EMAIL PROTECTED] on 2000.08.10 16:41:35 >On Thu, Aug 10, 2000 at 11:40:41AM -0400, Noel L Yap wrote: > >> Also, how do you know who did what when users aren't "really" authenticated? >> For example, using your numbers, there's a 1 out of 10 chance >> (fairly high in my opinion), that someone

Re: cvs-nserver and latest CVS advisory

On Thu, Aug 10, 2000 at 05:45:09PM -0400, Noel L Yap wrote: > OK, then. Given an attack, there's a 1 out of 10 chance that someone can pose > as someone else. That's still pretty high. Yes that's true, given an attack there is a 1 in 10 chance someone will be posing as someone else. In that ca

Re: cvs-nserver and latest CVS advisory

t of the repository. Secondly, they will leave a trail behind under their uid so I'll know which account to delete and which files to fix. With your unchrooted SSH solution you are effectively giving a root shell to every one of those connected clients because: 1) given CVS access you can ge

Re: cvs-nserver and latest CVS advisory

[ On Thursday, August 10, 2000 at 22:13:46 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory > > Yes that's true, given an attack there is a 1 in 10 chance someone will > be posing as someone else. In that case I disable the userid and w

Re: cvs-nserver and latest CVS advisory

[ On Thursday, August 10, 2000 at 22:09:44 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory > > Yes I have. That's what I just did. No you did not -- you showed some completely unrelated claims and then switched the bait > > Indeed if

Re: cvs-nserver and latest CVS advisory

[EMAIL PROTECTED] on 2000.08.10 22:13:46 >On Thu, Aug 10, 2000 at 05:45:09PM -0400, Noel L Yap wrote: >> OK, then. Given an attack, there's a 1 out of 10 chance that someone can pose >> as someone else. That's still pretty high. > >Yes that's true, given an attack there is a 1 in 10 chance s

Re: cvs-nserver and latest CVS advisory

just did. I think the keyword here is "calculated". >Yes, and to have ANY security at all you *have* to chroot and you >have to use real unix userids. That's true for the ssh solution just >as much as it's true for the pserver. I think this has been discussed before

Re: cvs-nserver and latest CVS advisory

On Thu, Aug 10, 2000 at 05:45:09PM -0400, Noel L Yap wrote: > [EMAIL PROTECTED] on 2000.08.10 16:41:35 > >Yes. Because either they are doing something nasty or someone has > >compromised their password. > > > >I do use real unix uids so I can determine which *userid* did the damage, > >providing t

Re: cvs-nserver and latest CVS advisory

SSH. Wrong again. When pserver is authenticating with real Unix uid's there is no way for someone to fool CVS into changing their UID. CVS can't do it. > > > But the real culprit gets away. This wouldn't happen with SSH. > > > > The culprit gets away no matter

Re: cvs-nserver and latest CVS advisory

xchange some public key with you, but that's not a general solution for a worldwide accessible repository. It would be nice if use of PGP was widespread and the "web of trust" actually existed and such... but it isn't and it doesn't so we're stuck. > And in the

Re: cvs-nserver and latest CVS advisory

On Fri, Aug 11, 2000 at 08:35:03AM -0400, Noel L Yap wrote: > I see. So the conversation might go something like: > Client: Hey, why was my user id shut down? > You: Oh, your user id was used for some hacking. > Client: It wasn't me. I was framed. > You: Oh, OK, I'll give you a new user id. Ye

Re: cvs-nserver and latest CVS advisory

Greg's), the additional accountability from SSH is not that important, and the barrier it presents is, in Justin's opinion, a more serious problem. Again, if somebody would like to change Mac and Wintel CVS clients to use SSH, presumably protocol 2, that would be very useful. Until it h

Re: cvs-nserver and latest CVS advisory

[ On Friday, August 11, 2000 at 10:21:15 (-0500), David Thornley wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory > > So, in Justin's case (and obviously not in Greg's), the additional > accountability from SSH is not that important, and the barrier it >

Re: cvs-nserver and latest CVS advisory

[ On Friday, August 11, 2000 at 10:47:36 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory > > No, they only have write access to small parts of it. Any, and *ALL* of those parts are ultimately what you're trying to protect in the first p

Re: cvs-nserver and latest CVS advisory

[ On Friday, August 11, 2000 at 10:33:51 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory > > Wrong again. When pserver is authenticating with real Unix uid's there is > no way for someone to fool CVS into changing their UID. CVS can't do i

Re: cvs-nserver and latest CVS advisory

[EMAIL PROTECTED] on 2000.08.11 15:29:07 >> There's zero accountability with ssh too. People just have to sound like >> they're nice and competent developers and have an email address that works. > >Wrong. SSH has strong authentication, which means that in a properly >configured Unix server e

Re: cvs-nserver and latest CVS advisory

contract scenario accountability can be attained in > many ways, such as by restricting developers to a private, secure, LAN; > and of course authentication is secure because you really do know their > true identity and you have a legally binding contract with them. I have set up CVS repositor

Re: cvs-nserver and latest CVS advisory

[ On Friday, August 11, 2000 at 18:56:28 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory > > I need the contributions of the Windows/Mac developers that I might > lose by staying with SSH far more than I need to avoid any chance of > a breakin

[Info-cvs] CSERVER extension to cvs [DRAFT]

password in clear text (more or less) in you local homedirectory. This is a potential security hole, if another user can read this file he has at the same time the user password, which mean the can log into a machine! The usual solution for this is: -You setup virtual cvs accounts. But this has another

  1   2   3   4   5   6   7   8   9   10   >