Re: Please sign software with GnuPG
- From: Sven Neumann <sven gimp org>
- To: Peter Wainwright <prw wainpr demon co uk>
- Cc: Tor Lillqvist <tml iki fi>, Per Tunedal <pt radvis nu>, gtk-devel-list gnome org, cvsmaster gnome org
- Subject: Re: Please sign software with GnuPG
- Date: 03 Nov 2002 16:51:39 +0100
Peter Wainwright <prw wainpr demon co uk> writes:
> That said, I don't know what the security issues are with CVS.
the most severe security issue with GNOME CVS is probably that it
still uses the pserver protocol that gives no reasonable
authentification at all although there are alternatives around for
years. GNOME CVS is the only CVS server I know of that still doesn't
use ssh key authentification to identify trusted users that are
allowed to commit. Is there a good reason for that?
] [Thread Prev