28 lines
1.2 KiB
Plaintext
28 lines
1.2 KiB
Plaintext
cvsd is a wrapper program for cvs in pserver mode. it will run 'cvs pserver'
|
|
under a special uid/gid in a chroot jail.
|
|
|
|
cvsd is run as a daemon and is controlled through a configuration file. It is
|
|
relatively easy to configure and provides tools for easy setting up a chroot
|
|
jail.
|
|
|
|
This server can be useful if you want to run a public cvs pserver. You should
|
|
however be aware of the security limitations of running a cvs pserver. If you
|
|
want any kind of authentication you should really consider using secure shell
|
|
as a secure authentication mechanism and transport. Passwords used in cvs
|
|
pserver are transmitted in plain text.
|
|
|
|
This wrapper adds a layer of security to the cvs server. cvs is a very
|
|
powerful tool and is capable of running scripts and other things. Running cvs
|
|
in a chroot jail it is possible to limit the amount of "damage" cvs can do if
|
|
it is exploited. It is generally a good idea to run cvsd without any write
|
|
permissions to any directory on the system.
|
|
|
|
Features of cvsd include:
|
|
* running in chroot jail
|
|
* configuring chroot jail
|
|
* running under a non-root uid
|
|
* set a nice value
|
|
* limit resource usage
|
|
* limit number of connections
|
|
* relatively easy to set up
|