[cvsnt] Possible security risk
Glen Starrett
grstarrett at cox.net
Fri Jun 13 08:38:26 BST 2003
>>>>
Is this behaviour normal, or do I have a misconfigured cvsnt server that
will allow malicious people easy access?
<<<<
I know that part of what you're describing is normal--that is, once you
log in to CVSNT it will store the login information for that particular
sandbox in the system registry (I assume it is in the user section or
there is indeed a security hole).
I don't know about the guest issue though--is your guest account
disabled? What security context is the server running in (e.g. SYSTEM
or a specific user account)?
Regards,
Glen Starrett
More information about the cvsnt
mailing list