[TriLUG] cvs CVSROOT/modules

William Sutton william at trilug.org
Wed Sep 8 14:43:40 EDT 2004

Well, since the CVS repository is being used by the people writing the 
code (not as a documentation bank or whatever), the anonymous access isn't 
important (plus I have a sneaking suspicion that $WORK wouldn't like 
anonymous checkouts in any case).  So, we're stuck with usernames.

All of this is going on inside a vpn, so the only people that will be 
hacking plaintext passwords will be people inside the vpn (theoretically 
all employees).


On Wed, 8 Sep 2004, Mike M wrote:

> On Wed, Sep 08, 2004 at 01:54:16PM -0400, William Sutton wrote:
> > I have, of course, the cvsadmin acct to access it for setup, but I'm not 
> > about to let everybody and their dog use it to check in/out code.
> Heh.  That's the right attitude.
> So you have trusted folks that get to check in - they get accounts.
> These accounts are part of the "cvs" group.  The cvs files are set to
> allow the cvs group to rwx.
> Then you have a larger group that gets to check out - they can use
> pserver with a login to an "anonymous" account. 
> http://www.tldp.org/HOWTO/Secure-CVS-Pserver/
>  This document will help you set up a more secure CVS Pserver for
>  anonymous CVS access.
>   CVS Pserver is, by definition, an insecure protocol. Among other
>   things, passwords are transmitted in plain text, making it undesirable
>   for much use. However, CVS Pserver is very good for providing
>   anonymous CVS access to a repository.
>   In this document we will introduce you to setting up a CVS repository
>   (although not intruding on the CVS HOWTO's space), and how to set up a
>   chroot jail for the Pserver. We will also talk about using SSH for
>   developer access to a repository.

More information about the TriLUG mailing list