Re: [HACKERS] CVSup
Rasmus Lerdorf <rasmus@lerdorf.on.ca>
From: Rasmus Lerdorf <rasmus@lerdorf.on.ca>
To: The Hermit Hacker <scrappy@hub.org>
Cc: hackers@postgreSQL.org
Date: 1998-05-01T11:36:48Z
Lists: pgsql-hackers
> When I set things up, I could find no instructions for setting up > anon-cvs that I felt comfortable implementing from a security > standpoint... If you use a semi-recent version of CVS, set the --allow-root restriction in inetd.conf and create a cvs "passwd" file along with a "writers" file, then I really don't see where the security problem is. You are not creating system-level accounts, and if you do not put the anonymous user in your "writers" file, then this user will not be able to alter the repository in any way. -Rasmus