mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-16 19:50:19 +01:00
12ddb26545
Signed-off-by: B. Watson <yalhcru@gmail.com> Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
29 lines
1.2 KiB
Text
29 lines
1.2 KiB
Text
cvsd is a wrapper program for cvs in pserver mode. it will run 'cvs
|
|
pserver' under a special uid/gid in a chroot jail.
|
|
|
|
cvsd is run as a daemon and is controlled through a configuration
|
|
file. It is relatively easy to configure and provides tools for easy
|
|
setting up a chroot jail.
|
|
|
|
This server can be useful if you want to run a public cvs pserver. You
|
|
should however be aware of the security limitations of running a cvs
|
|
pserver. If you want any kind of authentication you should really
|
|
consider using secure shell as a secure authentication mechanism and
|
|
transport. Passwords used in cvs pserver are transmitted in plain
|
|
text.
|
|
|
|
This wrapper adds a layer of security to the cvs server. cvs is
|
|
a very powerful tool and is capable of running scripts and other
|
|
things. Running cvs in a chroot jail it is possible to limit the
|
|
amount of "damage" cvs can do if it is exploited. It is generally a
|
|
good idea to run cvsd without any write permissions to any directory
|
|
on the system.
|
|
|
|
Features of cvsd include:
|
|
* running in chroot jail
|
|
* configuring chroot jail
|
|
* running under a non-root uid
|
|
* set a nice value
|
|
* limit resource usage
|
|
* limit number of connections
|
|
* relatively easy to set up
|