CVSROOT write permission vulnerability

From: Bibhas Kumar Samanta (bks@cal.interrasystems.com)
Date: Mon Jan 20 2003 - 01:12:30 EST

• Next message: Nico Wieland: "problem with DNS on solaris 9"
• Previous message: hmnguyen@verizongni.com: "Hoang M Nguyen/BAGLOBAL/NY is out of the office."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,

We have Solaris/unix network with NIS .
and we use /net/<machine_name>/system/CvsRoot as our CVSROOT
which is accessible from all machines.

As CVSROOT requires write permission, it has 777 permission for
all.
But this essentially empowers each user to delete the whole
CVSROOT , may be even mistakenly ie
cd /net/<machine_name>/system/CvsRoot;\rm -rf *

How can I avoid that or do I have any mechanism to log
who is accessing the CVSROOT area.

Or what is the common CVSROOT structure/access mechanism
is used in large n/w.

Thanks,
Bibhas
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Nico Wieland: "problem with DNS on solaris 9"
• Previous message: hmnguyen@verizongni.com: "Hoang M Nguyen/BAGLOBAL/NY is out of the office."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:25:37 EDT