[16012] in bugtraq
Re: cvs security problem
daemon@ATHENA.MIT.EDU (Kev)
Sat Jul 29 16:39:18 2000
Message-ID: <200007281820.OAA09553@multics.mit.edu>
Date: Fri, 28 Jul 2000 14:20:42 -0400
Reply-To: Kev <klmitch@MIT.EDU>
From: Kev <klmitch@MIT.EDU>
X-To: Tanaka Akira <akr@M17N.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: Your message of "Fri, 28 Jul 2000 17:21:28 +0900."
<hvou2daoebb.fsf@serein.m17n.org>
> I found two security problems in cvs-1.10.8.

From the CVS info page (Node: Password authentication security):

    The separate CVS password file (*note Password authentication
    server::) allows people to use a different password for repository
    access than for login access. On the other hand, once a user has
    non-read-only access to the repository, she can execute programs on the
    server system through a variety of means. Thus, repository access
    implies fairly broad system access as well. It might be possible to
    modify CVS to prevent that, but no one has done so as of this writing.

(cvs version 1.10.7; I'd be surprised if .8 has changed that much in this
respect.)

This has been the case for quite some time. It would be nice if CVS
could be made more secure, but it would probably take a lot of work.
--
Kevin L. Mitchell <klmitch@mit.edu>