cvs commit: src/contrib/cvs/src server.c
Bruce A. Mah
bmah at FreeBSD.org
Mon Jan 26 13:02:30 PST 2004
If memory serves me right, Jacques A. Vidrine wrote:
> I think that `run as root' has been misinterpreted by some.
Probably by me. :-p
> This change does *NOT* suddenly make an inetd.conf configuration line
> like the following stop working:
>
> cvspserver stream tcp nowait root /usr/bin/cvs cvs --allow-root=/your/cvsroot/here pserver
>
> Rather, the change disables lines like the following in
> $CVSROOT/CVSROOT/passwd:
>
> luser:bxOZZuQd4CoXs:root
>
> Without this fix, one who can modify $CVSROOT/CVSROOT/passwd would be
> able to gain root access.
If someone "in the know" could suggest a better wording than what I
wrote, I'd appreciate it. Otherwise I'll try to come more up to speed
on this usage of CVS and write the right thing.
Thanks,
Bruce.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/cvs-src/attachments/20040126/3352f835/attachment.bin
More information about the cvs-src
mailing list