[Techtalk] Content management systems

[Cynthia Kiser]

The majority of the CVS security issues involve the pserver
functionality, which you only need to use when allowing cvs commits
from people who do not have shell accounts on your machine. If your
project only needs read/write privs for folks you trust enough to have
shell accounts (with or without anonymous read access), then just have
everyone use ssh rather than pserver to access the repository and you
should be fairly safe.
-- 
Cynthia N. Kiser
cnk at ugcs.caltech.edu