[clue-admin] CVS pserver access

[Jeff Cann]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Monday 14 March 2005 9:45 pm, Jed S. Baer wrote:
> Well, I'm preparing to set up the CVS pserver, because it seems a
> reasonable thing to do to provide anonymous read-only access to the CVS
> repository. The reason being that if there's prospects for CLUEbies to
> review site developments, but without providing SSH and commit access, I
> would like for that to be possible. And, at the moment, I need to do a
> little studying to figure out how to allow commit access to the
> development area without allowing commit to production anyway, but that's
> a tangent.

After learning about this for a project at work, I decided to use the 'cvs 
export' command to build 'production' releases.  The advantage is that the 
export is not a cvs sandbox and thus no one could commit changes to it.

> The only reason I get slightly hesitant about doing this is that it
> involves firing up the inetd service, and I figure that the fewer services
> running, the fewer exploits there are to worry about. But the pserver
> requires inetd, so there's no way around it

Didn't you mean xinetd?  If not, then CVS does run via xinetd and I believe 
xinetd service is used for sshd, so I think it's already running.

Jeff
- -- 
"Science can purify religion from error and superstition. Religion can purify 
science from idolatry and false absolutes."
- - Pope John Paul II

http://isuma.org/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFCN2WPi4b9OApLCmoRAvswAJ4+XP7hxSvDpyj2/xTb55+l2KA1FACgg11N
o/sWx1gvFQvhRZcXTSdDFQI=
=+f0j
-----END PGP SIGNATURE-----