[Cvsnt] Re: user-aliases ? - PARTIALLY WORKING NOW

Tony Hoyle tmh at nothing-on.tv
Fri Apr 5 10:12:48 BST 2002




Brian Smith wrote:
> Well, the authentication part is there so that the server knows who the
> user is.
> But whether or not the user can access the repository in what way is an
> authorization issue that can be controlled by file permissions and/or the
> "readers" and "writers" files in the individual repositories. It seems dangerous
> to me to have non-pserver protocols use the passwd file because it makes
> it too easy to allow pserver access when you don't want to (if you don't
> have a passwd file, nobody can use pserver).

Pserver is easy to disable - just delete the protocol (eventually all
protocols will be able to be disabled via the control panel anyway).
Extending the passwd file with a 'valid protocols' field is also in the
back of my mind somewhere.

> I believe that traditionally (on unix), :gserver: and :kserver: modes
> have never sent the root in the authentication request because they have
> never used the passwd file, so they never needed to tell the server what

Certainly when encrypting it's good to have the option (I should
probably call check_repository_password on the 'root' request to allow
this).  However the check is a good one.  You don't want multiple files
for user authentication... there already is one (passwd) and it serves
its purpose.

Tony

_______________________________________________
Cvsnt mailing list
Cvsnt at cvsnt.org
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt