Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-14 Thread Greg A. Woods
[ On Monday, August 14, 2000 at 17:20:06 (+0100), Tony Hoyle wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > It doesn't mention how to stop SSH asking for a password every time you > use it That's a basic SSH quest

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-14 Thread Tony Hoyle
"Greg A. Woods" wrote: > If so then I'm afraid there's probably little help you can get beyond > that you've already seen. > > I really can't imagine how it could be made much more lucid, accurate, > or usable either! It all looks painfully obvious and extremely well > detailed to me. The first

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-11 Thread Justin Wells
On Fri, Aug 11, 2000 at 04:03:03PM -0400, Greg A. Woods wrote: > > And the risk that I'll be attacked by a bug in the auth code is much less > > than the risk that I'll be attacked by a properly authorized user. > > This would be true if it were completely true, but without SSH you do > not have

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-11 Thread Donald Sharp
Can we please stop this thread( or at least take this to private email )? Thanks! donald On Fri, Aug 11, 2000 at 04:03:03PM -0400, Greg A. Woods wrote: > [ On Friday, August 11, 2000 at 10:30:09 (-0400), Justin Wells wrote: ] > > Subject: Re: cvs-nserver and latest CVS advisory (Was:

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-11 Thread Greg A. Woods
[ On Friday, August 11, 2000 at 10:30:09 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > And the risk that I'll be attacked by a bug in the auth code is much less > than the risk that I'll be attacked by

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-11 Thread Greg A. Woods
[ On Thursday, August 10, 2000 at 15:27:52 (-0400), Laird Nelson wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > Mike Castle wrote: > > > > On Wed, Aug 09, 2000 at 11:54:33AM -0400, Justin Wells wrote: > > > Is it as

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-11 Thread josh walker
Yes, I agree. I haven't mentioned anything because I just recently subscribed, but sheesh! look at all this stuff. It just seems like two people disagreeing, and as such should be held over private channels. If I'm incorrect and other people find the discussion to be valuable, please di

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-11 Thread Donald Sharp
Please, can we stop this thread? I think we can all agree that there is a philosiphical( sic ) difference between each side here. I also think that we can agree that each side's not going to convince the other of their argument. Thanks!! donald On Fri, Aug 11, 2000 at 10:23:43AM -0400, Justi

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-11 Thread Justin Wells
On Fri, Aug 11, 2000 at 03:07:06AM -0400, Greg A. Woods wrote: > > At least pserver can be patched so it doesn't give out shells. > > So if you're not giving out shells then why are you worried about doing > the chroot() then? :-) > > You've gotta keep your story straight man! Because it's the

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-11 Thread Justin Wells
On Fri, Aug 11, 2000 at 02:39:22AM -0400, Greg A. Woods wrote: > > Also I want to add that my patch does nothing to CVS unless you actually > > specify the --chroot flag, and even then, it does nothing unless you are > > also using pserver (it's an error to use --chroot other than with pserver). >

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-11 Thread Greg A. Woods
[ On Thursday, August 10, 2000 at 22:28:18 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > On Thu, Aug 10, 2000 at 12:40:20PM -0400, Greg A. Woods wrote: > > The current implementation of cvspserver was always

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Greg A. Woods
[ On Thursday, August 10, 2000 at 22:25:46 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > Greg will claim it does "nothing" because it does nothing to improve > authentication, even though it does

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Greg A. Woods
[ On Friday, August 11, 2000 at 12:49:01 (+0800), Mark Harrison wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > Or because it works quite well for our needs. You're welcome > to mount an attack. The IP address is 10.1.42.3

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Mark Harrison
- Original Message - From: Greg A. Woods <[EMAIL PROTECTED]> > The people who use it > now use it only because it is there and they don't know any better not > to use it or they're too lazy/bull-headed to change now that they do > know. Or because it works quite well for our needs. You'

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Justin Wells
On Thu, Aug 10, 2000 at 12:42:26PM -0400, Greg A. Woods wrote: > [ On Wednesday, August 9, 2000 at 02:26:12 (-0700), Paul Sander wrote: ] > > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > > > Isn't it Justin's point that his

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Justin Wells
On Thu, Aug 10, 2000 at 12:40:20PM -0400, Greg A. Woods wrote: > The current implementation of cvspserver was always fatally broken. The > RSH method was available right from the beginning and could just as > easily have been implemented in every client, easier in fact than > writing the current

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Justin Wells
On Thu, Aug 10, 2000 at 12:29:02PM -0400, Noel L Yap wrote: > Exactly what you've been saying you're going to do about it -- recover. > Only now, you really do know their email address -- it's not just someone > pretending to be them. OK, sure that's true. With SSH I am really positive that th

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Justin Wells
On Thu, Aug 10, 2000 at 11:56:13AM -0400, Rich Salz wrote: > My last word on the subject. > > CVS requires everyone to be in your passwd file. So does SSH, no? With my --chroot patch this is optional. You can give everyone different uid's, or you can give them all the same uid. The password fi

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Laird Nelson
Mike Castle wrote: > > On Wed, Aug 09, 2000 at 11:54:33AM -0400, Justin Wells wrote: > > Is it as easy for a WinCVS user to set up ssh as it is to set up pserver? > > Yes. Excellent! I've been looking to do this for a long time. Could you point me to the URL that says how to do this? I follo

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Greg A. Woods
[ On Thursday, August 10, 2000 at 11:56:13 (-0400), Rich Salz wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > My last word on the subject. > > CVS requires everyone to be in your passwd file. So does SSH, no? No, CVS when using

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Tobias Weingartner
> > Here's my point: the pserver patch makes pserver more secure. You may not > like pserver, but it's still a part of CVS, and anything that is still a > part of CVS ought to be the best that it can be. > > There are only two defensible options here: > > a) immediately remove pserver from

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Greg A. Woods
[ On Wednesday, August 9, 2000 at 02:26:12 (-0700), Paul Sander wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > Isn't it Justin's point that his users can't be held accountable for their > actions? What does he do if

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Greg A. Woods
[ On Wednesday, August 9, 2000 at 02:05:58 (-0700), Paul Sander wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > This analogy is somewhat flawed. Engineering is a balance of "doing it right" > versus "doing it well enou

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Noel L Yap
[EMAIL PROTECTED] on 2000.08.10 10:26:29 >On Thu, Aug 10, 2000 at 09:45:13AM -0400, Noel L Yap wrote: > >> (Also, IMHO, the >> clients should generate the key pair (what password are you >> talking about?) and give you the public key). > >OK, so they do that and then they attack me. Really, wh

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Noel L Yap
[EMAIL PROTECTED] on 2000.08.10 10:11:57 >On Thu, Aug 10, 2000 at 09:31:21AM -0400, Noel L Yap wrote: > >> So why not chroot the SSH cvs server? > >When SSH is well enough supported by the clients that is exactly what >I will do. And how will they get there if you don't push them? >> At leas

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Rich Salz
My last word on the subject. CVS requires everyone to be in your passwd file. So does SSH, no? You say "what's so hard about that." I say that there are times when it is difficult, impossible, or just plain not appropriate. If you cannot imagine such scenarios, so be it. /r$

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread David Thornley
"Greg A. Woods" wrote: > > > > I ran [SSH] for six months and none or few of my WinCVS clients got it working. > > Now some documentation has been posted explaining how to do it, but I can > > see that it's a fairly painful installation. Hopefully that will change soon > > and I can really use t

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Justin Wells
On Thu, Aug 10, 2000 at 09:45:13AM -0400, Noel L Yap wrote: > (Also, IMHO, the > clients should generate the key pair (what password are you > talking about?) and give you the public key). OK, so they do that and then they attack me. Really, what does it matter that I know their email address? W

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Justin Wells
On Thu, Aug 10, 2000 at 09:31:21AM -0400, Noel L Yap wrote: > So why not chroot the SSH cvs server? When SSH is well enough supported by the clients that is exactly what I will do. > If they're > trying to break through CVS, they'll also find a way to break through chroot. It's not trivial to

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Noel L Yap
[EMAIL PROTECTED] on 2000.08.09 20:05:32 >On Wed, Aug 09, 2000 at 04:38:46PM -0400, Noel L Yap wrote: >> In a good SSH setup, how do untrusted people authenticate themselves >> as trusted? > >They lie to me and I give them a password. Next they attack. Uhuh. And how do you manage identifi

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Noel L Yap
[EMAIL PROTECTED] on 2000.08.09 19:57:04 >Because, with the patch that I previously posted, that spawned this whole >thread, my pserver runs in a chrooted partition. I'm defended against the >risk: even if they break through CVS (which shouldn't be hard) that >doesn't get them through to the f

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Paul Sander
Isn't it Justin's point that his users can't be held accountable for their actions? What does he do if user accountability simply isn't part of the equation? --- Forwarded mail from [EMAIL PROTECTED] > If I move to ssh, I will definitely still be using chroot. Even on a > box where there's no

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Paul Sander
't really interest me. But since this discussion breeds more heat than light, I suggest that such discourse might become a bit more constructive and useful. --- Forwarded mail from [EMAIL PROTECTED] [ On Wednesday, August 9, 2000 at 01:37:01 (-0600), Tobias Weingartner wrote: ] > Subject: Re: c

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Justin Wells
On Thu, Aug 10, 2000 at 02:46:54AM -0400, Greg A. Woods wrote: > *YOU* should have been capable of writing that documentation in the > first place and ensuring that your users understood it sufficiently. > You can use that documentation *NOW*. You should be capable of using > that documentation

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-10 Thread Greg A. Woods
[ On Wednesday, August 9, 2000 at 20:05:32 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > In other words I'm an optimist and greg is a pessimist. I view something > as "secure enough" if you can li

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Greg A. Woods
[ On Wednesday, August 9, 2000 at 19:57:04 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > Greg was arguing against chroot. He claims it offers *no* improvement in > security at all. It offers no improvement in

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Greg A. Woods
[ On Wednesday, August 9, 2000 at 20:14:19 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > > However with SSH on a dedicated system you > > have something that cannot be attacked by an unauthorised user! &

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Tobias Weingartner
On Wednesday, August 9, "Derek R. Price" wrote: > Tobias Weingartner wrote: > > > On Wednesday, August 9, Justin Wells wrote: > > > > > > If I move to ssh, I will definitely still be using chroot. Even on a > > > box where there's nothing else important there is no justification for > > > giving

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Mike Castle
On Wed, Aug 09, 2000 at 05:18:15PM -0500, David Thornley wrote: > Are you sure? > > I have very limited experience with Microsoft Windows, but there is an > InstallShield thing that can make it easy to install complicated Actually, yeah. I found it easier to install ssh on a win32 box than I've

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Justin Wells
On Wed, Aug 09, 2000 at 03:57:16PM -0600, Tobias Weingartner wrote: > On Wednesday, August 9, Justin Wells wrote: > > > > If I move to ssh, I will definitely still be using chroot. Even on a > > box where there's nothing else important there is no justification for > > giving away full fledged

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Justin Wells
On Wed, Aug 09, 2000 at 05:36:32PM -0400, Greg A. Woods wrote: > [ On Wednesday, August 9, 2000 at 14:32:47 (-0400), Justin Wells wrote: ] > > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > > > Is it as easy for a WinCVS user to set up s

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Justin Wells
On Wed, Aug 09, 2000 at 04:38:46PM -0400, Noel L Yap wrote: > In a good SSH setup, how do untrusted people authenticate themselves > as trusted? They lie to me and I give them a password. Next they attack. > With pserver, it's really easy, just steal the .cvspasswd file. That's actually pretty

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Justin Wells
On Wed, Aug 09, 2000 at 04:33:08PM -0400, Noel L Yap wrote: > When using SSH, the server can specify exactly what the client > can do. Why not just limit them to using "cvs server"? Because you can't. CVS is so riddled full of security holes that giving someone access to run "cvs server" means

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Derek R. Price
Tobias Weingartner wrote: > On Wednesday, August 9, Justin Wells wrote: > > > > If I move to ssh, I will definitely still be using chroot. Even on a > > box where there's nothing else important there is no justification for > > giving away full fledged shells to people who don't need them. > > Ha

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Tobias Weingartner
On Wednesday, August 9, Justin Wells wrote: > On Wed, Aug 09, 2000 at 02:12:50PM -0400, Greg A. Woods wrote: > > [ On Wednesday, August 9, 2000 at 11:51:34 (-0400), Justin Wells wrote: ] > > If you grant trust to an untrustworthy party then that's got nothing to > > do with SSH or CVS! > > That's

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread David Thornley
Mike Castle wrote: > > On Wed, Aug 09, 2000 at 02:34:02PM -0400, Justin Wells wrote: > > On Wed, Aug 09, 2000 at 12:06:53PM -0500, Mike Castle wrote: > > > On Wed, Aug 09, 2000 at 11:54:33AM -0400, Justin Wells wrote: > > > > Is it as easy for a WinCVS user to set up ssh as it is to set up pserve

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Tobias Weingartner
On Wednesday, August 9, Justin Wells wrote: > > If I move to ssh, I will definitely still be using chroot. Even on a > box where there's nothing else important there is no justification for > giving away full fledged shells to people who don't need them. Have a look at anoncvssh, with a rough

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Greg A. Woods
[ On Wednesday, August 9, 2000 at 13:52:05 (-0400), Rich Salz wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > Except that doing it right is not the trivial job that you have > repeatedly said it is. CVS requires the local operating

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Greg A. Woods
[ On Wednesday, August 9, 2000 at 14:32:47 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > Is it as easy for a WinCVS user to set up ssh as it is to set up pserver? It should be -- if they don't already have

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Mike Castle
On Wed, Aug 09, 2000 at 02:34:02PM -0400, Justin Wells wrote: > On Wed, Aug 09, 2000 at 12:06:53PM -0500, Mike Castle wrote: > > On Wed, Aug 09, 2000 at 11:54:33AM -0400, Justin Wells wrote: > > > Is it as easy for a WinCVS user to set up ssh as it is to set up pserver? > > > > Yes. > > No it is

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Noel L Yap
[EMAIL PROTECTED] on 2000.08.09 14:41:15 >On Wed, Aug 09, 2000 at 02:12:50PM -0400, Greg A. Woods wrote: >> [ On Wednesday, August 9, 2000 at 11:51:34 (-0400), Justin Wells wrote: ] >> If you grant trust to an untrustworthy party then that's got nothing to >> do with SSH or CVS! > >That's your

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Noel L Yap
[EMAIL PROTECTED] on 2000.08.09 14:38:14 >Someone might lie to me to get write access and then attack my box. Under >my solution they don't get very far because they don't have a general >shell: they're contained to changing the CVS repository, which I can >quite easily detect by examining the

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Greg A. Woods
[ On Wednesday, August 9, 2000 at 14:41:15 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > That's your professional software shop training wheels speaking. In the > real world I don't really know these pe

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Justin Wells
On Wed, Aug 09, 2000 at 02:12:50PM -0400, Greg A. Woods wrote: > [ On Wednesday, August 9, 2000 at 11:51:34 (-0400), Justin Wells wrote: ] > If you grant trust to an untrustworthy party then that's got nothing to > do with SSH or CVS! That's your professional software shop training wheels speakin

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Justin Wells
On Wed, Aug 09, 2000 at 11:27:30AM -0600, Tobias Weingartner wrote: > On Wednesday, August 9, Justin Wells wrote: > > > > ssh CVS is just as vulnerable though. Just because I gave someone a write > > password doesn't mean that they are going to be trustworthy. > > Right there you are contradicti

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Justin Wells
On Wed, Aug 09, 2000 at 12:06:53PM -0500, Mike Castle wrote: > On Wed, Aug 09, 2000 at 11:54:33AM -0400, Justin Wells wrote: > > Is it as easy for a WinCVS user to set up ssh as it is to set up pserver? > > Yes. No it isn't. You can use pserver with WinCVS directly by configuring WinCVS with no

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Justin Wells
On Wed, Aug 09, 2000 at 12:57:17PM -0400, Greg A. Woods wrote: > [ On Wednesday, August 9, 2000 at 11:54:33 (-0400), Justin Wells wrote: ] > > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > > > Is it as easy for a WinCVS user to set up s

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Greg A. Woods
[ On Wednesday, August 9, 2000 at 11:51:34 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > > ssh CVS is just as vulnerable though. Just because I gave someone a write > password doesn't mean that

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Rich Salz
> There is no > excuse for not using strong cryptographic security with CVS. There is > no excuse for building orthogonal protection mechanisms into any > application, and most especially not one that offers public network > services! Except that doing it right is not the trivial job that you ha

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Tobias Weingartner
On Wednesday, August 9, Justin Wells wrote: > > ssh CVS is just as vulnerable though. Just because I gave someone a write > password doesn't mean that they are going to be trustworthy. Right there you are contradicting yourself. If you *give* someone a means to make changes, that implies that y

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Mike Castle
On Wed, Aug 09, 2000 at 11:54:33AM -0400, Justin Wells wrote: > Is it as easy for a WinCVS user to set up ssh as it is to set up pserver? Yes. mrc -- Mike Castle Life is like a clock: You can work constantly [EMAIL PROTECTED] and be right all the time, or not work at all www.ne

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Greg A. Woods
[ On Wednesday, August 9, 2000 at 10:23:22 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > But right now it's not a choice, and I want pserver to be as secure > as it can be while I wait for the clients to c

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Greg A. Woods
[ On Wednesday, August 9, 2000 at 11:54:33 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > Is it as easy for a WinCVS user to set up ssh as it is to set up pserver? > > No. Contrary to your claims it's no

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Noel L Yap
[EMAIL PROTECTED] on 2000.08.09 10:22:00 >The trick is to use them correctly, just as you would have to use >permissions and ownerships correctly without full ACLs. Any kind of >access control mechanism, be it traditional unix-style permissions, or >full ACLs, will only have the desired effec

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Justin Wells
On Wed, Aug 09, 2000 at 10:53:10AM -0400, Greg A. Woods wrote: > I.e. Justin: Please do not continue to publicly promote your patch -- > it is not an improvement in security and continued promotion will give > CVS users a false sense of security. In fact I will continue to > strongly suggest th

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Justin Wells
:29AM -0400, Greg A. Woods wrote: > [ On Wednesday, August 9, 2000 at 00:31:01 (-0400), Justin Wells wrote: ] > > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > > > Wrong. I run a public CVS archive. People are always examining the diffs

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Greg A. Woods
[ On Wednesday, August 9, 2000 at 01:37:01 (-0600), Tobias Weingartner wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > I'm a hardliner, and am going to say "down with inferior protocols". May > they die a quick, and pai

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Greg A. Woods
[ On Wednesday, August 9, 2000 at 12:03:02 (+0800), Mark Harrison wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > Greg A. Woods <[EMAIL PROTECTED]> wrote: > > In fact you can get more powerful ACLs than unix normally offers by

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Greg A. Woods
[ On Wednesday, August 9, 2000 at 00:31:01 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > Wrong. I run a public CVS archive. People are always examining the diffs > and would notice right away. Same is true for a

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Justin Wells
On Wed, Aug 09, 2000 at 08:51:11AM -0400, Noel L Yap wrote: > >Unless you're talking about recent versions of Linux, FreeBSD, or Solaris > >I really don't give a damn. Add some documentation warning people of the > >risk. I don't subscribe to your philosophy that all humans are morons and > >can'

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Justin Wells
On Wed, Aug 09, 2000 at 01:37:01AM -0600, Tobias Weingartner wrote: > > > Any sufficiently powerful language is effectively Turing Complete -- > > > i.e. will allow the cracker to do dangerous things. > > > > This sounds clever, but everything it says is wrong: there are Turing > > complete lan

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Noel L Yap
[EMAIL PROTECTED] on 2000.08.09 00:25:31 >On Tue, Aug 08, 2000 at 02:53:30PM -0400, Greg A. Woods wrote: >> [ On Monday, August 7, 2000 at 23:14:36 (-0400), Justin Wells wrote: ] >> > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) >>

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Noel L Yap
[EMAIL PROTECTED] on 2000.08.09 03:37:01 >In other words, why was pserver invented? Because *CVS clients did not >wish to implement the rsh protocol? Or because the rsh protocol was usually >blocked by various firewalls? Wow, so we (or someone) implemented one of >the worst protocols *ever*

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Noel L Yap
advisory (Was: patch to make CVS chroot) Greg A. Woods <[EMAIL PROTECTED]> wrote: > In fact you can get more powerful ACLs than unix normally offers by > default by simply switching to a type of Unix system that offers more > powerful ACLs. These types of systems are not rare an

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-09 Thread Tobias Weingartner
On Wednesday, August 9, Justin Wells wrote: > > Wrong. I run a public CVS archive. People are always examining the diffs > and would notice right away. Same is true for any free/open software project, > you just don't get it, that's all. It is still entirely possible to do. I've seen this done,

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-08 Thread Justin Wells
On Tue, Aug 08, 2000 at 03:03:05PM -0400, Greg A. Woods wrote: > > What's special about me is that all of the data on the box and in the > > repository has already been published to the whole world. There is no > > sensitive information there, nor even on any other machine connected > > to the

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-08 Thread Justin Wells
On Tue, Aug 08, 2000 at 02:53:30PM -0400, Greg A. Woods wrote: > [ On Monday, August 7, 2000 at 23:14:36 (-0400), Justin Wells wrote: ] > > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > > > If that's all you want to accomplish i

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-08 Thread Mark Harrison
Greg A. Woods <[EMAIL PROTECTED]> wrote: > In fact you can get more powerful ACLs than unix normally offers by > default by simply switching to a type of Unix system that offers more > powerful ACLs. These types of systems are not rare and are available > specifically because there are indeed val

RE: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-08 Thread Chris Cameron
On Tuesday, August 08, 2000 6:14 PM, Justin Wells [SMTP:[EMAIL PROTECTED]] wrote: > On Mon, Aug 07, 2000 at 02:11:13PM -0400, Greg A. Woods wrote: > > > The *ONLY* secure way to use cvspserver is to rip out the current crap > > in the implementation that requires it to run as root and then to run

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-08 Thread Greg A. Woods
[ On Tuesday, August 8, 2000 at 02:14:08 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > So, if I do that, how do I get access control lists? Currently the only > reason why I have to run pserver as root is so tha

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-08 Thread Greg A. Woods
[ On Monday, August 7, 2000 at 23:14:36 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > If that's all you want to accomplish it wouldn't be much work to move the > pserver code out of CVS into a binar

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-08 Thread Noel L Yap
[EMAIL PROTECTED] on 2000.08.08 02:14:08 >So, if I do that, how do I get access control lists? Currently the only >reason why I have to run pserver as root is so that I can hand out >write access to my repository on a module by module basis. Core >developers get to write to every module, but s

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-07 Thread Justin Wells
On Mon, Aug 07, 2000 at 02:11:13PM -0400, Greg A. Woods wrote: > The *ONLY* secure way to use cvspserver is to rip out the current crap > in the implementation that requires it to run as root and then to run it > only as a non-privileged unique user-id which is given permission to > read (and onl

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-07 Thread Justin Wells
On Mon, Aug 07, 2000 at 02:14:24PM -0400, Greg A. Woods wrote: > [ On Sunday, August 6, 2000 at 22:35:33 (-0400), Justin Wells wrote: ] > > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > > > It's also not coincidental that pserver p

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-07 Thread Greg A. Woods
[ On Sunday, August 6, 2000 at 22:35:33 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > It's also not coincidental that pserver performs the authentication > separately and then hands control down to the lo

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-07 Thread Greg A. Woods
[ On Sunday, August 6, 2000 at 22:27:22 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > On Sun, Aug 06, 2000 at 07:37:56PM -0400, Greg A. Woods wrote: > > If someone breaks your hacked chroot patch they will,

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-07 Thread Alexey Mahotkin
> "JW" == Justin Wells <[EMAIL PROTECTED]> writes: >> need for cvs-nserver in the first place so far as I can see (because it >> means all you're really doing is re-inventing SSH or SSL or SRP, etc.). JW> I thought nserver was implemented on top of SSL. But what do I know, JW> maybe it isn't

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-06 Thread Justin Wells
On Sun, Aug 06, 2000 at 07:11:07PM -0400, Greg A. Woods wrote:
> No, the flaw in cvspserver is that it effectively merges the identities
> of all unique users into one system level identity.

Uhh.. no. Read up on pserver. It performs a setuid/setgid to the user id of the user logging in to it.

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-06 Thread Justin Wells
On Sun, Aug 06, 2000 at 07:37:56PM -0400, Greg A. Woods wrote: > If someone breaks your hacked chroot patch they will, by your design, > have superuser privileges, at which point chroot is meaningless because > anyone capable of doing the first crack will snuff your chroot in mere > seconds and yo

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-06 Thread Greg A. Woods
[ On Sunday, August 6, 2000 at 18:47:33 (-0400), Justin Wells wrote: ] > Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > > The --chroot flag also significantly reduces the risk here as well. Only > those executables you place into the

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-06 Thread Greg A. Woods
[ On Monday, August 7, 2000 at 00:09:47 (+0400), Alexey Mahotkin wrote: ] > Subject: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot) > > GAW> See the recent thread on BUGTRAQ where someone "exposed" the > GAW> insecurities of cvspserver. > > I've always thought that this is no

Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)

2000-08-06 Thread Justin Wells
The --chroot flag also significantly reduces the risk here as well. Only those executables you place into the chroot area are available for use. If you don't need scripts in your CVS installation you could also do without having any binaries at all--you could even place the chroot root in on a m