Tim and (Duncan or Malcolm),
On 2004 Aug 5 , at 00.36, Tim Jenness wrote:
> Do you have an account at Starlink? If so then cvs checkout is trivial
>
> :ext:cvs.starlink.ac.uk:/cvs
>
> and then follow the instructions in SSN/78. IF you haven't got an
> account
> then it might be simpler to get you an account so that you can access
> the
> repository. I don't know what the timescale for anonymous cvs access
> is,
> but clearly it'd be preferable for you to be able to commit patches
> directly to the repository.
To give them read/write access, they only have to have an account on
saturn, and be in the group 'cvs'.
Whether or not the australians should get read/write access, it would
probably be good to set up an anoncvs server so that folk could get the
most recent stuff without necessarily striking up a relationship with
us first.
A user who's listed in the CVSROOT/readers file has only read-only
access to the repository. I think that setting up a CVS pserver allows
some control over that, but the most comprehensive set of instructions
for setting up anoncvs will be the suitably paranoid ones for setting
up anoncvs OpenBSD mirrors, at <http://www.openbsd.org/anoncvs.shar> --
that includes setting up a chroot jail (which is potentially omissable
if we're not being that paranoid), and includes source for an anoncvssh
program which can act as a suitably secure login shell for the anoncvs
user.
As a second point, it seems that a security vulnerability has been
announced in CVS: <https://www.cvshome.org/>, of which they say ``The
publication of this code makes all sites running cvs with any remote
protocol vulnerable.''
See youse,
Norman
--
----------------------------------------------------------------------
Norman Gray : Physics & Astronomy, Glasgow University, UK
http://www.astro.gla.ac.uk/users/norman/ : www.starlink.ac.uk
|