Date: Mon, 26 Jan 2004 13:02:28 -0800 From: "Bruce A. Mah" <bmah@FreeBSD.org> To: "Jacques A. Vidrine" <nectar@FreeBSD.org> Cc: cvs-all@FreeBSD.org Subject: Re: cvs commit: src/contrib/cvs/src server.c Message-ID: <20040126210228.GA2411@intruder.kitchenlab.org> In-Reply-To: <20040126200556.GB76044@madman.celabo.org> References: <200401260008.i0Q08cIl014780@repoman.freebsd.org> <20040126000922.GA6102@madman.celabo.org> <20040126004123.GJ53344@elvis.mu.org> <20040126125638.GC9772@madman.celabo.org> <4015377A.3000609@freebsd.org> <20040126165039.GC98500@intruder.kitchenlab.org> <20040126200556.GB76044@madman.celabo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--huq684BweRXVnRxX Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable If memory serves me right, Jacques A. Vidrine wrote: > I think that `run as root' has been misinterpreted by some. Probably by me. :-p > This change does *NOT* suddenly make an inetd.conf configuration line > like the following stop working: >=20 > cvspserver stream tcp nowait root /usr/bin/cvs cvs --al= low-root=3D/your/cvsroot/here pserver >=20 > Rather, the change disables lines like the following in > $CVSROOT/CVSROOT/passwd: >=20 > luser:bxOZZuQd4CoXs:root >=20 > Without this fix, one who can modify $CVSROOT/CVSROOT/passwd would be > able to gain root access. If someone "in the know" could suggest a better wording than what I wrote, I'd appreciate it. Otherwise I'll try to come more up to speed on this usage of CVS and write the right thing. Thanks, Bruce. --huq684BweRXVnRxX Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQFAFYBj2MoxcVugUsMRAp98AKDpb2L0V2SrD1m1HKJ96gOMwI94tQCbB9r0 Xf7blB9V6WdxGw6qb6SBuuc= =mANq -----END PGP SIGNATURE----- --huq684BweRXVnRxX--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040126210228.GA2411>