Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: cvs problem

On Sat, 30 Jan 2010 09:39:07 -0500
Steven Bellovin <> wrote:

> From a security perspective, it's useless, since the cvs command is 
> unprivileged and hence can't really enforce any privileges;

I fully agree, the user must have write privileges to the destination
directory anyway.

The only reason I could see would indeed be for a system where several
people sharing a repository have write access and inadvertent init is
unwanted; but since the people need write privileges to commit or init,
they could wreak havoc in any number of ways.

Home | Main Index | Thread Index | Old Index