Re: CVSROOT write permission vulnerability

2003-01-22 Thread Greg A. Woods
[ On Wednesday, January 22, 2003 at 08:37:52 (-0600), [EMAIL PROTECTED] wrote: ]
> Subject: Re: CVSROOT write permission vulnerability
>
> I'm starting to wonder if removing :local: mode might not be a bad
> thing. It would make things more awkward on single-computer
> inst

Re: CVSROOT write permission vulnerability

2003-01-22 Thread Eric Siegerman
On Wed, Jan 22, 2003 at 03:55:15PM +0100, Fabian Cenedese wrote:
> >I'm starting to wonder if removing :local: mode might not be a bad
> >thing.

That's a bit extreme, IMO. At most it could be disabled by default, with an option to enable it (either a configure option, or in CVSROOT/config, or bot

Re: CVSROOT write permission vulnerability

2003-01-22 Thread Fabian Cenedese
I'm starting to wonder if removing :local: mode might not be a bad thing. It would make things more awkward on single-computer installations (at home I use it on the Linux box, and pserver on the Macs and Windows box), but it would stop people from doing something natural that turns out to be da

Re: CVSROOT write permission vulnerability

2003-01-22 Thread david
> Thanks to Mark, Eric and Larry.
>
> So just to summarize, seems I have two options,
>
> 1. Stop nfs method of sharing, use :pserver
>
> 2. Even if nfs is used, I need to setid the repository
> and cvs
>

It's simpler than that: don't use NFS and the :local: access method. Just say no. I've

Re: CVSROOT write permission vulnerability

2003-01-21 Thread Bibhas Kumar Samanta
Thanks to Mark, Eric and Larry.

So just to summarize, seems I have two options,

1. Stop nfs method of sharing, use :pserver
2. Even if nfs is used, I need to setid the repository and cvs

Bibhas

"Mark D. Baushke" wrote:
>
> Bibhas Kumar Samanta <[EMAIL PROTECTED]> writes:
>
> > Hi,
> >
> > I

Re: CVSROOT write permission vulnerability

2003-01-21 Thread Mark D. Baushke
Bibhas Kumar Samanta <[EMAIL PROTECTED]> writes:

> Hi,
>
> I have a simple query.
> We have Solaris/unix network with NIS,
> and we use /net//system/CvsRoot as our CVSROOT
> which is accessible from all machines.
>
> As CVSROOT requires write permission, it has 777 permission for
> all.
> But

Re: CVSROOT write permission vulnerability

2003-01-20 Thread Eric Siegerman
On Mon, Jan 20, 2003 at 12:58:45PM -0500, Larry Jones wrote:
> Eric Siegerman writes [about setting the sticky bit]:
> > Doing that in the repo would break CVS completely, wouldn't it?
> Yes, for directories that contain files. We've been known to use it on
> directories that only contain subdirect

Re: CVSROOT write permission vulnerability

2003-01-20 Thread Larry Jones
Eric Siegerman writes [about setting the sticky bit]:
>
> Doing that in the repo would break CVS completely, wouldn't it?
> For most users, a commit would fail at the point where it tried
> to delete the old ,v file and rename the temporary copy (indeed,
> the sticky bit would independently block

Re: CVSROOT write permission vulnerability

2003-01-20 Thread Eric Siegerman
On Mon, Jan 20, 2003 at 10:53:38AM -0500, Larry Jones wrote:
> > As CVSROOT requires write permission, it has 777 permission for
> > all.
>
> Setting the sticky bit (chmod -t) on a directory prevents normal users
> from deleting or renaming files in that directory unless they own them.

Doing that

Re: CVSROOT write permission vulnerability

2003-01-20 Thread Larry Jones
Bibhas Kumar Samanta writes:
>
> I have a simple query.
> We have Solaris/unix network with NIS,
> and we use /net//system/CvsRoot as our CVSROOT
> which is accessible from all machines.

That means you're using NFS to access your repository. There have been lots of reports of repository corrup

CVSROOT write permission vulnerability

2003-01-19 Thread Bibhas Kumar Samanta
Hi, I have a simple query. We have Solaris/unix network with NIS, and we use /net//system/CvsRoot as our CVSROOT which is accessible from all machines. As CVSROOT requires write permission, it has 777 permission for all. But this essentially empowers each user to delete the whole CVSROOT, may