diff options
| author | wiz <wiz@pkgsrc.org> | 2006-05-20 23:38:16 +0000 |
|---|---|---|
| committer | wiz <wiz@pkgsrc.org> | 2006-05-20 23:38:16 +0000 |
| commit | 0611d4a240a901c8a9972539070fac26722eb936 (patch) | |
| tree | a2126c71632d983644f81f46c8a6f4218f5a1e25 /devel/cvsd/DESCR | |
| parent | 0b44d1b124b4559b0c88782db8be893d8ed25a5f (diff) | |
| download | pkgsrc-0611d4a240a901c8a9972539070fac26722eb936.tar.gz | |
Initial import of cvsd, a cvs pserver wrapper that chroots the pserver.
Based on the work by Eric Schnoebelen and virtus@ in pkgsrc-wip.
DESCR:
cvsd is a wrapper program for cvs in pserver mode. It will run 'cvs
pserver' under a special uid/gid in a chroot jail.
cvsd is run as a daemon and is controlled through a configuration
file. It is relatively easy to configure and tools are provided
for easily setting up a rootjail.
This server can be useful if you want to run a public cvs pserver.
You should however be aware of the security limitations of running
a cvs pserver. If you want any kind of authentication you should
really consider using secure shell as a secure authentication
mechanism and transport. Passwords used in cvs pserver are transmitted
in plaintext and this wrapper won't change that.
This server adds a layer of security to cvs. cvs is a very powerful
tool and is capable of running scripts and other things. By running
cvs in a rootjail it is possible to limit the amount of "damage"
cvs can do if it is exploited. It is generally a good idea to run
cvsd without any write permissions to any directory on the system.
Diffstat (limited to 'devel/cvsd/DESCR')
| -rw-r--r-- | devel/cvsd/DESCR | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/devel/cvsd/DESCR b/devel/cvsd/DESCR new file mode 100644 index 00000000000..338a35b7948 --- /dev/null +++ b/devel/cvsd/DESCR @@ -0,0 +1,19 @@ +cvsd is a wrapper program for cvs in pserver mode. It will run 'cvs +pserver' under a special uid/gid in a chroot jail. + +cvsd is run as a daemon and is controlled through a configuration +file. It is relatively easy to configure and tools are provided +for easily setting up a rootjail. + +This server can be useful if you want to run a public cvs pserver. +You should however be aware of the security limitations of running +a cvs pserver. If you want any kind of authentication you should +really consider using secure shell as a secure authentication +mechanism and transport. Passwords used in cvs pserver are transmitted +in plaintext and this wrapper won't change that. + +This server adds a layer of security to cvs. cvs is a very powerful +tool and is capable of running scripts and other things. By running +cvs in a rootjail it is possible to limit the amount of "damage" +cvs can do if it is exploited. It is generally a good idea to run +cvsd without any write permissions to any directory on the system. |