Re: cvs.debian.org problem

[Steve Greenland <steveg@moregruel.net>]

On 28-Jan-03, 11:20 (CST), Raphael Hertzog <hertzog@debian.org> wrote: 
> And why are you doing that ? I see no point in not giving CVS anonymous
> access when we have a web interface ... and when all the code is under a
> free license. It makes it just more difficult for people to contribute
> (they can't use cvs diff for example).

Because pserver is a security disaster waiting to happen -- even
according to the CVS developers. (And has happened, as recently as
within the last month). It's barely tolerable if the only thing it's
used for is read-only anonymous access (which is what I presume we're
talking about here) and it's setup correctly, but even then I would
worry.

Steve
-- 
Steve Greenland

    The irony is that Bill Gates claims to be making a stable operating
    system and Linus Torvalds claims to be trying to take over the
    world.       -- seen on the net