[CLUE-Admin] Anonymous CVS Access
Jed S. Baer
thag at frii.com
Sat Jan 17 19:50:48 MST 2004
Hi Folks.
Well, I'm testing a script to publish the development site to a location
on the CLUE server. In the process, I've discovered that the anonymous CVS
access described at http://cluedenver.org/siteDevelopment.html doesn't
work.
The culprit is the cvsroot/CVSROOT/passwd file, which specifies a password
for user anonymous.
So, the question is, do we really want to allow unrestricted anonymous
read access to the CVS respository? If so, there's an impact to the
publish.sh script, and somebody will need to add a readers file to the
cvsroot/CVSROOT/ directory, and change the passwd file. I can do these
things.
I also note that the user "publish" exists in the CVS passwd file with no
password, and "pubcvs" equivalent. This is bad. There's also a "test"
user.
Any thoughts?
jed
--
http://s88369986.onlinehome.us/freedomsight/
... it is poor civic hygiene to install technologies that could someday
facilitate a police state. -- Bruce Schneier
More information about the clue-admin
mailing list