[cvsnt] SSPI Security (was "Setting up shared repositories")

Glen Starrett glen.starrett at march-hare.com
Wed Aug 22 20:40:03 BST 2007

Michael Wojcik wrote:
> cvsagent listens on a TCP socket for password queries and responds with
> cached passwords.  That's hardly inaccessible to an attacker.

We recently discussed changing that to model the PuTTY / Pagent method 
of communication (it uses Windows messages, I believe).  I'm not sure 
when this is scheduled.

As always, patches are welcome and appreciated!


Glen Starrett
Technical Account Manager, North America
March Hare Software, LLC


More information about the cvsnt mailing list