[16033] in bugtraq
Re: cvs security problem
daemon@ATHENA.MIT.EDU (sama@AGLORIOSO.COM)
Tue Aug 1 17:04:00 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-Id: <20000731081203.B9652@aglorioso.com>
Date: Mon, 31 Jul 2000 08:12:03 +0200
Reply-To: sama@AGLORIOSO.COM
From: sama@AGLORIOSO.COM
X-To: Kev <klmitch@MIT.EDU>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <200007281820.OAA09553@multics.mit.edu>; from klmitch@MIT.EDU on
Fri, Jul 28, 2000 at 02:20:42PM -0400
On Fri, Jul 28, 2000 at 02:20:42PM -0400, Kev wrote:
> This has been the case for quite some time. It would be nice if CVS
> could be made more secure, but it would probably take a lot of work.
> --
> Kevin L. Mitchell <klmitch@mit.edu>
Although I don't think it addresses this very problem, you might be
interested in CVS-nserver (http://alexm.here.ru/cvs-nserver/), a
rewrite of CVS to make it more modular and secure. I still haven't
tried it myself, though.
Regards,
--
Andrea Glorioso sama(at)aglorioso(dot)com
Padua, Italy
