[cvsnt] Re: CVS edit - CVS/Notify bug
Tony Hoyle
tmh at nodomain.org
Wed May 12 11:55:26 BST 2004
Arthur Barrett wrote:
> cvs edit: Server attempted to update a file via an invalid pathname:
> cvs [edit aborted]: 'I:/blah/blab/zoop/dev_u8301/sources/components
> /'.
That's a security fix. Basically the client no longer trusts the server
like it used to (a trojanned server or even a dodgy loginfo script could
have written files pretty much anywhere on your machine before). I'm
actually surprised edit of an absolute path ever worked... it shouldn't
have.
> I:\blah\blab\zoop\dev_u8301>cd sources\components
>
> I:\blah\blab\zoop\dev_u8301\sources\components>cvs edit agb_export.xml
> cvs [edit aborted]: cannot open CVS/Notify: No such file or directory
>
As far as I can tell that shouldn't happen... I'll take a look at it.
Tony
More information about the cvsnt
mailing list