PHPBuilder - The Power of CVS Page 2

RSS Twitter

The Power of CVS - Page 2

by: Tim Perdue
July 30, 2000

CVS inherently communicates using clear text, even when sending your password. If you're the type of developer who has deactivated telnet and ftp and POP mail because of that, you won't be satisfied with the security that CVS offers on the server side. One approach (the one I took), is to create a file called passwd in your $CVSROOT/CVSROOT directory. That file can contain a username/encrypted password combination similar to /etc/passwd. The username in that file should be a user that does not exist on your machine. If someone were to intercept the clear-text password, they could not telnet to your box. However they could commit junk code to your CVS tree and make life generally miserable. There are ways to incorporate secure communication with CVS, but it looked like a hassle and I avoided it. The best policy is frequent, offsite-backups that are kept eternally (my personal policy). For more info, check here.
So your CVS tree is initialized and you are using a passwd file. Now you should login to CVS. Since my CVS server is a different box than the one I'm on, I need to use a long, drawn-out -d option to specify the server:
[tperdue@db columns] $ cvs -d login
OK, you're logged in. CVS just stored your password in an easily-hacked file in your home directory.
All of my existing code was stored on my sexy little VAIO laptop, so I had to import it.
[tperdue@db columns] $ cd ..
[tperdue@db] $ cvs -d import -m "start" x a
The -m option attaches a message ("start"). is the directory to create under the CVSROOT. "x" is a "vendor tag", which is required here, but not referenced. "a" is the release version.
That command imported everything that fell beneath my directory (everything on this site) into the tree.

« Previous Page
Next Page »

Comment and Contribute

Your comment has been submitted and is pending approval.

Tim Perdue



(Maximum characters: 1200). You have characters left.