Update the cvs pserver example so that it gives some more obvious clues

about the --allow-root switch. PR: 14463
1999-12-26 15:18:58 +00:00 · 1999-12-26 15:18:58 +00:00 · 6e6afaaf50
commit 6e6afaaf50
parent 04d6f826d6
1 changed files with 5 additions and 3 deletions
--- a/etc/inetd.conf
+++ b/etc/inetd.conf
@ -41,10 +41,12 @@ ntalk	dgram	udp	wait	tty:tty	/usr/libexec/ntalkd	ntalkd
 #kshell	stream	tcp	nowait	root	/usr/libexec/rshd	rshd -k
 #kip	stream	tcp	nowait	root	/usr/libexec/kipd	kipd
 #
-# CVS servers - for master CVS repositories only!
+# CVS servers - for master CVS repositories only!  You must set the
+# --allow-root path correctly or you open a trivial to exploit but
+# deadly security hole.
 #
-#cvspserver	stream	tcp	nowait	root	/usr/bin/cvs	cvs pserver
-#cvs		stream	tcp	nowait	root	/usr/bin/cvs	cvs kserver
+#cvspserver	stream	tcp	nowait	root	/usr/bin/cvs	cvs --allow-root=/your/cvsroot/here pserver
+#cvs		stream	tcp	nowait	root	/usr/bin/cvs	cvs --allow-root=/your/cvsroot/here kserver
 #
 # RPC based services (you MUST have portmapper running to use these)
 #