From owner-freebsd-hackers  Sat Aug  3 11:43:55 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id LAA29496
          for hackers-outgoing; Sat, 3 Aug 1996 11:43:55 -0700 (PDT)
Received: from rocky.mt.sri.com (rocky.mt.sri.com [206.127.76.100])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id LAA29490
          for <hackers@freebsd.org>; Sat, 3 Aug 1996 11:43:52 -0700 (PDT)
Received: (from nate@localhost) by rocky.mt.sri.com (8.7.5/8.7.3) id MAA16352; Sat, 3 Aug 1996 12:43:47 -0600 (MDT)
Date: Sat, 3 Aug 1996 12:43:47 -0600 (MDT)
Message-Id: <199608031843.MAA16352@rocky.mt.sri.com>
From: Nate Williams <nate@mt.sri.com>
To: Nate Williams <nate@mt.sri.com>
Cc: "Jordan K. Hubbard" <jkh@time.cdrom.com>, hackers@freebsd.org
Subject: Re: Anyone know how anoncvs actually works?
In-Reply-To: <199608031829.MAA16287@rocky.mt.sri.com>
References: <1124.839074993@time.cdrom.com>
	<199608031829.MAA16287@rocky.mt.sri.com>
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> > It might be something we should set up, just to give complete coverage
> > (then we could say we offered the repository via CTM, WWW, sup, cvsup,
> > FTP and anoncvs - how many more options could one want? ;-).
> > 
> > Anyway, I'd like to find out what's involved first since the security
> > implications of what little I've been able to puzzle out seem fuzzy.
> 
> I *think* they have a special 'anoncvs' account that uses a version of
> cvs which disables all operations that would change the repository.

Yep, look at
   freefall:/f/OpenBSD/src/gnu/usr.bin/cvs/src

In particular, the cvswrite and readonly_fs changes.  If need be, you
could pull them out and/or drop the original CVS 1.8.1 distribution on
top of the sources and do a diff to see what has changed.


Nate