CVS Notify
Thomas Charron
twaffle at gmail.com
Tue Oct 5 14:16:01 EDT 2004
On Mon, 04 Oct 2004 20:22:04 -0400, Chris Brenton
<cbrenton at chrisbrenton.org> wrote:
> Not really on the topic of this thread, but...
> Anyone running CVS that is exposed to Internet access should strongly
> consider doing a full forensic analysis with the drive mounted in a
> secondary system (i.e. do not boot the CVS system during the check).
> Follow this up by firewalling the system (preventing further Internet
> access), or adding some secondary level of authentication (port
> knocking, VPN tunneling, etc.) prior to putting the system back on the
> wire.
> I know this message is a bit cryptic but this is still an open issue so
> I'm not going to go into the details of "why". Reasons will become clear
> over the next month or so.
So, there's a gaping security hole in CVS that hasnt been announced I take it?
Can you give us a little extra info, aka, is it pserver related, etc?
More information about the gnhlug-discuss
mailing list