Bugtraq mailing list archives
Re: cvs security problem
From: "Greg A. Woods" <woods () weird com>
Date: Fri, 28 Jul 2000 16:03:15 -0400
[ On Friday, July 28, 2000 at 17:21:28 (+0900), Tanaka Akira wrote: ]
> Subject: cvs security problem
>
> I found two security problems in cvs-1.10.8.
>
> (1) A committer can execute any binary in server using CVS/Checkin.prog or CVS/Update.prog.

Yeah. So? This is meaningless. CVS is not designed to prevent this. In fact quite the opposite -- it is assumed that CVS users with commit access do have shell access to the CVS server.

In fact normally the "cvspserver" method of accessing a CVS repository should only ever be used for anonymous read-only access, and even then it is well known that shell access to the server may be possible (under the user-id that the cvspserver daemon runs as, of course).

A properly configured CVS server will use a secure remote execution facility (such as SSH) which by definition means that any committer will have shell access to the server, but of course only under a properly authorised user-id -- i.e. they'll be accountable for their actions.

-- 
Greg A. Woods
+1 416 218-0098 VE3TCP <gwoods () acm org> <robohack!woods>
Planix, Inc. <woods () planix com>; Secrets of the Weird <woods () weird com>
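The exchange above turns on two things an administrator can check for in a working copy: which access method the CVS/Root file names (the reply says pserver should only ever carry anonymous read-only traffic, so a committer's checkout pointing at :pserver: is the configuration to look for), and whether the CVS/ directory carries a Checkin.prog or Update.prog file naming a program the server will run. The script below is an added example, not code from this thread or from CVS itself; it assumes the standard CVSROOT syntax `:method:[user@]host:/path`, and the sample checkout it builds is constructed.

```shell
#!/bin/sh
# Added example, not code from the thread above: audit a CVS working copy for
# the two things the exchange discusses. It reports which access method each
# CVS/Root names (pserver is the one the reply says should only carry
# anonymous read-only traffic) and lists any CVS/Checkin.prog or
# CVS/Update.prog files, which name a program the server runs on the
# committer's behalf. Assumes the standard CVSROOT syntax
# :method:[user@]host:/path; the sample checkout below is constructed.

# Print the access method named by a CVSROOT string.
cvsroot_method() {
    case "$1" in
        :*)  printf '%s\n' "$1" | cut -d: -f2 ;;   # :pserver:..., :ext:..., :local:...
        *:*) printf 'ext\n' ;;                     # old host:/path form implies rsh/ssh
        *)   printf 'local\n' ;;                   # plain repository path
    esac
}

# Succeed when a CVSROOT uses pserver; this is the case worth flagging when
# the working copy belongs to a user who also has commit rights.
cvsroot_is_pserver() {
    [ "$(cvsroot_method "$1")" = "pserver" ]
}

# Walk a checkout: one ROOT line per CVS/ directory and one HOOK line per
# Checkin.prog/Update.prog file found, with the program it names.
audit_checkout() {
    find "$1" -type d -name CVS | while read -r cvsdir; do
        if [ -f "$cvsdir/Root" ]; then
            root=$(cat "$cvsdir/Root")
            if cvsroot_is_pserver "$root"; then
                flag=" (pserver: anonymous read-only only)"
            else
                flag=""
            fi
            printf 'ROOT %s method=%s%s\n' "$cvsdir" "$(cvsroot_method "$root")" "$flag"
        fi
        for hook in Checkin.prog Update.prog; do
            if [ -f "$cvsdir/$hook" ]; then
                printf 'HOOK %s/%s runs: %s\n' "$cvsdir" "$hook" "$(cat "$cvsdir/$hook")"
            fi
        done
    done
}

# Constructed sample: a working copy whose CVS/Root points at pserver with a
# named (non-anonymous) user and which carries an Update.prog hook.
make_sample_checkout() {
    d=$(mktemp -d)
    mkdir -p "$d/src/CVS"
    printf ':pserver:dev@cvs.example.invalid:/cvs\n' > "$d/src/CVS/Root"
    printf '/usr/local/bin/notify-update\n' > "$d/src/CVS/Update.prog"
    printf '%s\n' "$d"
}

# Usage: run the audit over the constructed checkout, then clean up.
sample=$(make_sample_checkout)
audit_checkout "$sample"
rm -rf "$sample"
```

Run it against a real checkout with `audit_checkout /path/to/working/copy`; a ROOT line flagged as pserver for a user who can commit, or any HOOK line at all, is what the thread says to expect only where the server already trusts that user with a shell.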