[cvsnt] SSPI Security (was "Setting up shared repositories")
glen.starrett at march-hare.com
Wed Aug 22 20:40:03 BST 2007
Michael Wojcik wrote:
> cvsagent listens on a TCP socket for password queries and responds with
> cached passwords. That's hardly inaccessible to an attacker.
We recently discussed changing that to model the PuTTY / Pagent method
of communication (it uses Windows messages, I believe). I'm not sure
when this is scheduled.
As always, patches are welcome and appreciated!
Technical Account Manager, North America
March Hare Software, LLC
More information about the cvsnt