[14739] in bugtraq
Re: CVS DoS
daemon@ATHENA.MIT.EDU (Kris Kennaway)
Tue May 2 15:32:21 2000
Message-Id: <Pine.BSF.4.21.0005010159200.21380-100000@freefall.freebsd.org>
Date: Mon, 1 May 2000 02:55:52 -0700
Reply-To: Kris Kennaway <kris@FREEBSD.ORG>
From: Kris Kennaway <kris@FREEBSD.ORG>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.BSF.4.21.0004241516540.2289-100000@freefall.freebsd.org>
On Mon, 24 Apr 2000, Kris Kennaway wrote:
> On Mon, 24 Apr 2000, Kris Kennaway wrote:
>
> > of the filesystem used by CVS to maintain its lock state. It's also not
> > quite as serious as it might first sound, because anyone who can
> > legitimately connect to the CVS server remotely via CVS can cause a lock
> > to be taken out over any part of the repository, with the same effect.
>
> Sorry, but on further thought I don't think this is true. Locks are only
> acquired for CVS write operations, not read operations.

No, I was right the first time (pointed out to me by Peter Jeremy
<Peter.Jeremy@alcatel.com.au>) - both read and write operations will cause
file lock creation.

However, on FreeBSD, cvs clients can always use -R (readonly) for
checkouts, which will bypass any locking on the server (this will
therefore usually be much faster as well, since the client doesn't have to
lock as it traverses). So a malicious local user who creates faked lock
files in /tmp will only hurt external checkins, and one could argue that
you shouldn't be hosting your writable CVS repository on a host which
contains malicious users (or allows anonymous access), as a matter of
policy.

Kris
----
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <forsythe@alum.mit.edu>
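
Added example, not part of the original message: a small audit an administrator could run over the CVS lock directory (the message places it under /tmp) to spot lock entries owned by accounts that should not be creating them, or that have outlived any plausible CVS operation. The lock names are the ones documented in the CVS manual; the function name, the trusted-UID set and the one-hour age threshold are assumptions made for illustration.

```python
import os
import sys
import time

# Lock names from the CVS manual: "#cvs.lock" is the master lock directory,
# "#cvs.rfl*" and "#cvs.wfl*" are read and write lock files.
LOCK_PREFIXES = ("#cvs.lock", "#cvs.rfl", "#cvs.wfl")


def audit_cvs_locks(lock_root, trusted_uids, max_age_s=3600, now=None):
    """Return sorted (path, uid, age_seconds, reasons) for suspicious locks.

    trusted_uids: UIDs allowed to hold locks (assumption: site-specific).
    max_age_s:    age after which a lock counts as stale (assumption: 1 hour).
    """
    now = time.time() if now is None else now
    findings = []
    # os.walk does not follow symlinks, so a planted link cannot redirect us.
    for dirpath, dirnames, filenames in os.walk(lock_root):
        for name in dirnames + filenames:
            if not name.startswith(LOCK_PREFIXES):
                continue
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: inspect the entry itself
            except FileNotFoundError:
                continue  # lock was released between listing and stat
            reasons = []
            if st.st_uid not in trusted_uids:
                reasons.append("untrusted-owner")
            age = now - st.st_mtime
            if age > max_age_s:
                reasons.append("stale")
            if reasons:
                findings.append((path, st.st_uid, int(age), reasons))
    return sorted(findings)


if __name__ == "__main__":
    # Usage: audit.py LOCK_ROOT UID [UID ...]
    root, uids = sys.argv[1], {int(u) for u in sys.argv[2:]}
    for path, uid, age, reasons in audit_cvs_locks(root, uids):
        print(f"{path} uid={uid} age={age}s {','.join(reasons)}")
```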