Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: February 27th, 2015
Linux Security Week: February 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Alternatives to the Pserver

4. Alternatives to the Pserver

4.1. Access for developers

Pserver is not a very good method to implement for your fellow developers to access the repository. You can use CVS's SSH and ext method. Simply add the user to the server's list of users, add the user to the file WRITERS, and then they can do the following:

$ export CVS_RSH='/usr/bin/ssh'
$ cvs -d :ext:username@server.hostname:/cvs/root login

This is a much more secure way for developers to access the repository.

4.2. Anonymous CVS access by http

There is another way to allow anonymous access to CVS. If there is an http server and Python installed on the server, you can use a set of Python CGI scripts called viewcvs, which allow people to view the CVS repository over the web, and can generate tarballs for users to download.

There is also a set of Perl CGI scripts that do the same thing called cvsweb, but Viewcvs is more mature and is preferred (at least by me).

4.3. CVSGrab

CVSGrab is an end-user tool for downloading the CVS repository by a ViewCVS interface. It is very useful when you are behind a corporate firewall that blocks the Pserver, as you can just grab the repository over standard HTTP. The only problem is if it doesn't have a ViewCVS interface, but most free software repositories are now on the web, and the few that still use cvsweb seem to be switching over to ViewCVS.

CVSGrab is written in Java, which may at first be a turn-off to some people (it is to me), but it seems completely compilable using GCJ, the Java front-end to GCC.

CVSGrab is a tool that goes hand-in-hand with ViewCVS. It is an end-user tool, not one that you as a system administrator or repository administrator would set up and configure.



Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
DDoS Exploit Targets Open Source Rejetto HFS
Gemalto Confirms It Was Hacked But Insists the NSA Didnít Get Its Crypto Keys
Hackers exploit router flaws in unusual pharming attack
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.