From owner-freebsd-security  Tue Nov  6  5:32:33 2001
Delivered-To: freebsd-security@freebsd.org
Received: from wrath.cs.utah.edu (wrath.cs.utah.edu [155.99.198.100])
	by hub.freebsd.org (Postfix) with ESMTP id D1FA237B405
	for <security@FreeBSD.ORG>; Tue,  6 Nov 2001 05:32:30 -0800 (PST)
Received: from faith.cs.utah.edu (faith.cs.utah.edu [155.99.198.108])
	by wrath.cs.utah.edu (8.11.6/8.11.1) with ESMTP id fA6DWT529561;
	Tue, 6 Nov 2001 06:32:29 -0700 (MST)
From: David G Andersen <danderse@cs.utah.edu>
Received: (from danderse@localhost)
	by faith.cs.utah.edu (8.11.1/8.11.1) id fA6DWTI16199;
	Tue, 6 Nov 2001 06:32:29 -0700 (MST)
Message-Id: <200111061332.fA6DWTI16199@faith.cs.utah.edu>
Subject: Re: Running secured local anoncvs server for FreeBSD CVS Repository
To: eugen@grosbein.pp.ru (Eugene Grosbein)
Date: Tue, 6 Nov 2001 06:32:29 -0700 (MST)
Cc: danderse@cs.utah.edu (David G Andersen), security@FreeBSD.ORG
In-Reply-To: <20011106121840.B77269@svzserv.kemerovo.su> from "Eugene Grosbein" at Nov 06, 2001 12:18:40 PM
X-Mailer: ELM [version 2.5 PL2]
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Lo and behold, Eugene Grosbein once said:
> 
> On Mon, Nov 05, 2001 at 09:11:20PM -0700, David G Andersen wrote:
> 
> > See 'anoncvssh', from the OpenBSD project:
> > http://openbsd.sunsite.ualberta.ca/papers/anoncvs-paper.ps
> > Then grab the distribution:
> > http://www.openbsd.org/anoncvs.shar
> 
> It seems anoncvssh need OpenBSD's cvs distribution and 
> modifications of some files inside the Repo that is what 
> I would rather avoid to do. Is it safe to hack CVSROOT/*?

  Likely so.  I didn't have to hack much the last time I exported
a CVS tree, but that was a bit ago.

> And if I'll want to provide public access once, will I be allowed
> to limit using of compression?

  You can hack anoncvssh.c to strip out the compression request,
I'd think.  Haven't tried it.

  -Dave

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message