Re: cvs.debian.org problem
On 28-Jan-03, 11:20 (CST), Raphael Hertzog <hertzog@debian.org> wrote:
> And why are you doing that ? I see no point in not giving CVS anonymous
> access when we have a web interface ... and when all the code is under a
> free license. It makes it just more difficult for people to contribute
> (they can't use cvs diff for example).
Because pserver is a security disaster waiting to happen -- even
according to the CVS developers. (And has happened, as recently as
within the last month). It's barely tolerable if the only thing it's
used for is read-only anonymous access (which is what I presume we're
talking about here) and it's setup correctly, but even then I would
worry.
Steve
--
Steve Greenland
The irony is that Bill Gates claims to be making a stable operating
system and Linus Torvalds claims to be trying to take over the
world. -- seen on the net
Reply to: