Re: patch to make CVS chroot

[Greg A. Woods]

[ On Monday, August 7, 2000 at 01:59:50 (-0400), Justin Wells wrote: ]
> Subject: Re: patch to make CVS chroot
>
> Your assumption that everyone who is authorized to access CVS is 
> trusted in general is FLAWED. 

BTW, that's not my assumption -- that's a consequence of the design of
almost any client/server system, and especially of one like CVS which
has the ability to execute more code outside of itself.

The result is that trust must be limited by eliminating even the
possibility of access to resources or information that the given user
cannot be trusted with.  I.e. do not ever run a public anonymous access
server in any way that it can ever write to the primary repository it is
offering access to.

-- 
                                                        Greg A. Woods

+1 416 218-0098      VE3TCP      <[EMAIL PROTECTED]>      <robohack!woods>
Planix, Inc. <[EMAIL PROTECTED]>; Secrets of the Weird <[EMAIL PROTECTED]>