From owner-freebsd-hackers  Tue Sep 16 23:33:52 1997
Return-Path: <owner-freebsd-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id XAA21822
          for hackers-outgoing; Tue, 16 Sep 1997 23:33:52 -0700 (PDT)
Received: from itojun.csl.sony.co.jp (root@itojun.csl.sony.co.jp [133.138.1.134])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id XAA21799
          for <hackers@freebsd.org>; Tue, 16 Sep 1997 23:33:42 -0700 (PDT)
From: itojun@itojun.org
Received: from localhost (itojun@localhost [127.0.0.1]) by itojun.csl.sony.co.jp (8.8.5/3.3W3) with ESMTP id PAA19603; Wed, 17 Sep 1997 15:28:23 +0900 (JST)
To: Marc Slemko <marcs@znep.com>
Cc: hackers@freebsd.org
Subject: Re: cvs pserver mode
X-Template-Reply-To: itojun@itojun.org
X-Template-Return-Receipt-To: itojun@itojun.org
X-PGP-Fingerprint: F8 24 B4 2C 8C 98 57 FD  90 5F B4 60 79 54 16 E2
References: <Pine.BSF.3.95.970916235732.6754A-100000@alive.znep.com>
In-reply-to: Marc Slemko <marcs@znep.com>'s message of Wed, 17 Sep 1997 00:09:22
	 -0600 (MDT).
	<Pine.BSF.3.95.970916235732.6754A-100000@alive.znep.com>
X-Mailer: comp (MHng project) version 1997/08/04 03:38:46, by Jun-ichiro Itoh
MIME-Version: 1.0
Content-type: text/plain; charset=us-ascii
Content-transfer-encoding: 7bit
Content-ID: <top.874477702.19595@itojun.csl.sony.co.jp>
Date: Wed, 17 Sep 1997 15:28:22 +0900
Message-ID: <19600.874477702@itojun.csl.sony.co.jp>
Sender: owner-freebsd-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>> 	does any of you have trouble using pserver mode of cvs?
>First, don't use pserver.  It sucks.  Badly.  It stores unencrypted
>passwords on the clients disk and anyone with a shell on the server an
>steal connections (and hence passwords) from users connecting.  Bad.
>Secondly, you need the --allow-root option to tell it what repositories to
>use.  This is new in 1.9.10 or something like that.

	Thanks very much for the comment (and to Julian), I'll keep myself
	away from pserver.

	My goal is to have a way to publish half-public source code to
	20 or so people, without giving them an account on my machine.
	(they won't make changes to my repository)
	Options seems to be as follows, but I don't know which is good/bad.
	- cvs pserver (should stay away from this)
	- anonymous cvs + some modification
	  (how to set it up? OpenBSD people uses this to keep them in sync)
	- cvsupd + some modification
	  (current version has no authentication, it seems)
	- give an account (say, "mygroup") to them and use rsh/ssh

	Please let me know your opinion.  Thanks!

itojun