Thread: CVSup

CVSup

From
"Maurice Gittens"
Date:
Hi,

I don't understand the problem CVSup is intended to solve given
that CVS allows remote access to the repository using standard cvs
commands. Is there a specific reason why we can't/don't have readonly access
to the postgresql repository?

I think it's neat to be able to use commands like "cvs diff" etc. However
I really hate it that my changes seem to get overwritten why I using
CVSup since this doesn't happen when using the "cvs update".

Can anyone explain why this is the way it is?

Thanks, with regards from Maurice.



Re: [HACKERS] CVSup

From
Brett McCormick
Date:
This may be the totally wrong place for asking this question, but what
exactly *is* CVSup?

On Fri, 1 May 1998, at 08:36:05, Maurice Gittens wrote:

> I don't understand the problem CVSup is intended to solve given
> that CVS allows remote access to the repository using standard cvs
> commands. Is there a specific reason why we can't/don't have readonly access
> to the postgresql repository?
>
> I think it's neat to be able to use commands like "cvs diff" etc. However
> I really hate it that my changes seem to get overwritten why I using
> CVSup since this doesn't happen when using the "cvs update".
>
> Can anyone explain why this is the way it is?
>
> Thanks, with regards from Maurice.
>
>

Re: [HACKERS] CVSup

From
The Hermit Hacker
Date:
On Fri, 1 May 1998, Maurice Gittens wrote:

> Hi,
>
> I don't understand the problem CVSup is intended to solve given
> that CVS allows remote access to the repository using standard cvs
> commands. Is there a specific reason why we can't/don't have readonly access
> to the postgresql repository?
>
> I think it's neat to be able to use commands like "cvs diff" etc. However
> I really hate it that my changes seem to get overwritten why I using
> CVSup since this doesn't happen when using the "cvs update".
>
> Can anyone explain why this is the way it is?

    When I set things up, I could find no instructions for setting up
anon-cvs that I felt comfortable implementing from a security
standpoint...

    If you remove the 'tag=.' part of the CVSup config file, you can
pull down the complete CVS repository to your machine to manipulate as you
want to...



Re: [HACKERS] CVSup

From
The Hermit Hacker
Date:
On Thu, 30 Apr 1998, Brett McCormick wrote:

>
> This may be the totally wrong place for asking this question, but what
> exactly *is* CVSup?

    See ftp.postgresql.org:/pub/CVSup ...


>
> On Fri, 1 May 1998, at 08:36:05, Maurice Gittens wrote:
>
> > I don't understand the problem CVSup is intended to solve given
> > that CVS allows remote access to the repository using standard cvs
> > commands. Is there a specific reason why we can't/don't have readonly access
> > to the postgresql repository?
> >
> > I think it's neat to be able to use commands like "cvs diff" etc. However
> > I really hate it that my changes seem to get overwritten why I using
> > CVSup since this doesn't happen when using the "cvs update".
> >
> > Can anyone explain why this is the way it is?
> >
> > Thanks, with regards from Maurice.
> >
> >
>


Re: [HACKERS] CVSup

From
Rasmus Lerdorf
Date:
>     When I set things up, I could find no instructions for setting up
> anon-cvs that I felt comfortable implementing from a security
> standpoint...

If you use a semi-recent version of CVS, set the --allow-root restriction
in inetd.conf and create a cvs "passwd" file along with a "writers" file,
then I really don't see where the security problem is.  You are not
creating system-level accounts, and if you do not put the anonymous user
in your "writers" file, then this user will not be able to alter the
repository in any way.

-Rasmus