Bugtraq mailing list archives
Re: cvs security problem
From: Brian Behlendorf <brian () COLLAB NET>
Date: Tue, 1 Aug 2000 16:04:25 -0700
On Mon, 31 Jul 2000 sama () AGLORIOSO COM wrote:
On Fri, Jul 28, 2000 at 02:20:42PM -0400, Kev wrote:This has been the case for quite some time. It would be nice if CVS could be made more secure, but it would probably take a lot of work. -- Kevin L. Mitchell <klmitch () mit edu>Although I don't think it addresses this very problem, you might be interested in CVS-nserver (http://alexm.here.ru/cvs-nserver/), a rewrite of CVS to make it more modular and secure. I still haven't tried it myself, though.
There's another similar open source project in development that, if implemented right, won't have this security problem, called Subversion (http://subversion.tigris.org/). There are two full time people working on it, with an ETA around September, but we could definitely use more assistance. Brian
Current thread:
- Re: cvs security problem Mike Eldridge (Aug 01)
- <Possible follow-ups>
- Re: cvs security problem sama (Aug 01)
- Re: cvs security problem Brian Behlendorf (Aug 01)
- Re: cvs security problem Greg A. Woods (Aug 01)
- Re: cvs security problem Greg A. Woods (Aug 01)