Next: , Up: Password authenticated   [Contents][Index]


2.9.3.1 ¥Ñ¥¹¥ï¡¼¥Éǧ¾Ú¤Î¤¿¤á¤Î¥µ¡¼¥Ð¤ÎÀßÄê

¤Þ¤ººÇ½é¤Ë¡¢$CVSROOT ¤È $CVSROOT/CVSROOT ¥Ç¥£¥ì¥¯¥È¥ê¤Î »ÈÍѵö²Ä¤ò¤­¤Ä¤¯¤¹¤ë¤³¤È¤ò¹Í¤¨¤ë¤Ç¤·¤ç¤¦¡£¾ÜºÙ¤Ï Password authentication security ¤ò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£

¥µ¡¼¥Ð¦¤Ç¤Ï /etc/inetd.conf ¤òÊÔ½¸¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£ Àµ¤·¤¤¥Ý¡¼¥È¤ËÀܳ¤ò¼õ¤±¤¿»þ¡¢ inetd ¤¬¥³¥Þ¥ó¥É cvs pserver ¤ò¼Â¹Ô¤¹¤ëÍͤËÊѹ¹¤·¤Þ¤¹¡£ ¥Ý¡¼¥ÈÈÖ¹æ¤Î´ûÄêÃÍ¤Ï 2401 ¤Ç¤¹¤¬¡¢ ¥¯¥é¥¤¥¢¥ó¥È¤ò¥³¥ó¥Ñ¥¤¥ë¤·¤¿»þ¤Ë¡¢ CVS_AUTH_PORT ¤Ë¾¤ÎÃͤòÄêµÁ¤·¤¿¾ì¹ç¤Ë¤Ï°Û¤Ê¤ê¤Þ¤¹¡£

¤¢¤Ê¤¿¤Î»ÈÍѤ¹¤ë inetd ¤¬¡¢ ¥Ý¡¼¥ÈÈÖ¹æ¤òÁÇ¤Î¤Þ¤Þ /etc/inetd.conf ¤Ë½ñ¤¤¤ÆÎɤ¤¤Ê¤é¤Ð¡¢ ¼¡¤Îµ­½Ò¤Ç½½Ê¬¤Ç¤·¤ç¤¦ (inetd.conf ¤Ë¤Ï°ì¹Ô¤Çµ­½Ò¤·¤Æ²¼¤µ¤¤):

2401  stream  tcp  nowait  root  /usr/local/bin/cvs
cvs -f --allow-root=/usr/cvsroot pserver

-T’ ¥ª¥×¥·¥ç¥ó¤Ç°ì»þ¥Õ¥¡¥¤¥ë¤òºîÀ®¤¹¤ë¥Ç¥£¥ì¥¯¥È¥ê¤â»ØÄê¤Ç¤­¤Þ¤¹¡£

--allow-root’ ¥ª¥×¥·¥ç¥ó¤Ï»ÈÍѲÄǽ¤Ê CVSROOT ¥Ç¥£¥ì¥¯¥È¥ê¤ò »ØÄꤷ¤Þ¤¹¡£°ã¤¦ CVSROOT ¥Ç¥£¥ì¥¯¥È¥ê¤Î»ÈÍѤò»î¤ß¤ë¥¯¥é¥¤¥¢¥ó¥È¤Ï Àܳ¤Ç¤­¤Þ¤»¤ó¡£µö²Ä¤·¤¿¤¤ CVSROOT ¥Ç¥£¥ì¥¯¥È¥ê¤¬2¤Ä°Ê¾å¤¢¤ë¤Ê¤é¡¢ ¥ª¥×¥·¥ç¥ó¤ò·«¤êÊÖ¤·¤Æ¤¯¤À¤µ¤¤¡£(ÉÔ¹¬¤Ê¤³¤È¤Ë¡¢inetd ¤Î¿¤¯¤Î¥Ð¡¼ ¥¸¥ç¥ó¤Ï¥³¥Þ¥ó¥É¤È°ú¿ô¤ÎξÊý¡¢¤â¤·¤¯¤Ï¤É¤Á¤é¤«¤ÎŤµÁ´ÂΤËÂФ·¤ÆÈó¾ï¤Ë ¾®¤µ¤¯¤Ê¤ë¤è¤¦¤ËÀ©¸Â¤ò²Ý¤·¤Æ¤¤¤Þ¤¹¡£¤³¤ÎÌäÂê¤ËÂФ¹¤ëÉáÄ̤βò·è¤Ï¡¢ inetd ¤Ë CVS ¤òɬÍפʰú¿ô¤È¶¦¤Ëµ¯Æ°¤¹¤ë¥·¥§¥ë¥¹¥¯¥ê¥×¥È¤ò ¼Â¹Ô¤µ¤»¤ë¤³¤È¤Ç¤¹¡£)

¤¢¤Ê¤¿¤Î»ÈÍѤ¹¤ë inetd ¤¬¡¢ ÁǤΥݡ¼¥ÈÈÖ¹æ¤Ç¤Ï¤Ê¤¯¡¢¥µ¡¼¥Ó¥¹Ì¾¤òÍ׵᤹¤ë¤Ê¤é¤Ð¡¢ /etc/services ¤Ë¼¡¤Î¹Ô¤òÄɲ䷤Ʋ¼¤µ¤¤:

cvspserver      2401/tcp

¤½¤·¤Æ inetd.conf ¤Ë¤Ï¡¢ 2401 ¤Ç¤Ï¤Ê¤¯ cvspserver ¤Èµ­½Ò¤·¤Æ²¼¤µ¤¤¡£

°Ê¾å¤òÃí°Õ¤·¤Æ¹Ô¤Ê¤Ã¤¿¸å¡¢ inetd ¤òºÆµ¯Æ°¤¹¤ë¤«¡¢ ½é´üÀßÄê¥Õ¥¡¥¤¥ë¤òºÆÆÉ¤µ¤»¤ë¤Î¤ËɬÍפʽèÃÖ¤ò¼è¤Ã¤Æ²¼¤µ¤¤¡£

¤³¤ì¤ÎÀßÄê¤ËÌäÂ꤬¤¢¤ë¤È¤­¤Ï¡¢Connection ¤ò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£

¥¯¥é¥¤¥¢¥ó¥È¤Ï¥Ñ¥¹¥ï¡¼¥É¤òʿʸ¤Î¤Þ¤ÞÊݸ¤Þ¤¿¤ÏÅÁÁ÷¤·¤Þ¤¹ (¤Û¤Ü¤½¤Î¤è¤¦¤Ë—¾ÜºÙ¤Ï Password authentication security)¡£ ½¾¤Ã¤Æ¡¢¥ê¥Ý¥¸¥È¥ê¤òÍøÍѤ¹¤ë»þ¤Ë¡¢ Àµµ¬¤Î¥Ñ¥¹¥ï¡¼¥É¤ò´í¸±¤ËÇø¤µ¤Ê¤¤¤¿¤á¤Ë¡¢ CVS ¤Ç¤ÏÉáÄ̤ÏÊ̤Υѥ¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë¤ò»ÈÍѤ·¤Þ¤¹¡£ ¤³¤Î¥Õ¥¡¥¤¥ë¤Ï $CVSROOT/CVSROOT/passwd ¤Ç¤¹¡£ Í󤬾¯¤Ê¤¤¤³¤È¤ò½ü¤±¤Ð¡¢Unix ¥·¥¹¥Æ¥à¤Ç¤Î /etc/passwd ¤ÈƱÍÍ¤Ë ¥³¥í¥ó¤Çʬ³ä¤·¤¿½ñ¼°¤ò»È¤¤¤Þ¤¹: CVS »ÈÍѼÔ̾¡¢¾Êά²Äǽ¤Ê¥Ñ¥¹¥ï¡¼¥É¡¢Ç§¾Ú¤¬À®¸ù¤·¤¿¤«¤Î¤è¤¦¤Ë ¼Â¹Ô¤¹¤ë¤¿¤á¤Ë¥µ¡¼¥Ð¤¬»ÈÍѤ¹¤ëǤ°Õ¤Ë¾Êά²Äǽ¤Ê»ÈÍѼÔ̾¤Ç¤¹¡£ ¼¡¤Ë5¤Ä¤ÎÅÐÏ¿¤¬¤¢¤ë passwd ¥Õ¥¡¥¤¥ë¤òÎ㼨¤·¤Þ¤¹:

anonymous:
bach:ULtgRLXo7NRxs
spwang:1sOp854gDF3DY
melissa:tGX1fS8sun6rY:pubcvs
qproj:XR4EZcEs0szik:pubcvs

¥Ñ¥¹¥ï¡¼¥É¤Ï¡¢É¸½à Unix ¤Î´Ø¿ô crypt() ¤Ë¤è¤Ã¤Æ°Å¹æ²½¤µ¤ì¤Þ¤¹¡£ ½¾¤Ã¤Æ¡¢É¸½à Unix ¤Î /etc/passwd ¤«¤éľÀÜ¥³¥Ô¡¼¤¹¤ë¤³¤È¤â²Äǽ¤Ç¤¹¡£

Îã¤ÎºÇ½é¤Î¹Ô¤Ï»ÈÍÑ¼Ô anonymous ¤È¤·¤ÆÇ§¾Ú¤·¤è¤¦¤È¤¹¤ëÁ´¤Æ¤Î CVS ¥¯¥é¥¤¥¢¥ó¥È¤Ë¶õ¥Ñ¥¹¥ï¡¼¥É¤Ê¤É¡¢¥Ñ¥¹¥ï¡¼¥É¤Ë´Ø¤ï¤é¤º¡¢»ÈÍѤò µö²Ä¤·¤Þ¤¹¡£(¤³¤ì¤Ïƿ̾ÆÉ¤ß¹þ¤ßÀìÍÑ¥¢¥¯¥»¥¹¤òµö²Ä¤¹¤ë¥µ¥¤¥È¤Ç¤è¤¯ ¤¹¤ë¤³¤È¤Ç¤¹¡£"ÆÉ¤ß¹þ¤ßÀìÍÑ" ¤ÎÊýË¡¤Ï Read-only access ¤ò»²¾È¤· ¤Æ¤¯¤À¤µ¤¤¡£)

2¹ÔÌܤÈ3¹ÔÌÜ¤Ï bach ¤È spwang ¤¬¤½¤ì¤¾¤ìʿʸ¤Î¥Ñ¥¹¥ï¡¼¥É ¤òÄ󶡤·¤¿¾ì¹ç¤Ë¥¢¥¯¥»¥¹¤òµö²Ä¤·¤Þ¤¹¡£

4¹ÔÌÜ¤Ï mellisa ¤¬Àµ¤·¤¤¥Ñ¥¹¥ï¡¼¥É¤ò»ÈÍѤ·¤¿¤È¤­¤Ë¥¢¥¯¥»¥¹¤òµö ²Ä¤·¤Þ¤¹¤¬¡¢Èà½÷¤Î CVS ¤Ç¤ÎÁàºî¤Ï¥µ¡¼¥Ð¤Ç¤Ï¥·¥¹¥Æ¥à¥æ¡¼¥¶ pubcvs ¤È¤·¤Æ¹Ô¤ï¤ì¤Þ¤¹¡£¤Ç¤¹¤«¤é¡¢melissa ¤È¤¤¤¦Ì¾Á°¤Î ¥·¥¹¥Æ¥à»ÈÍѼԤÏɬÍפǤϤ¢¤ê¤Þ¤»¤ó¤¬¡¢pubcvs ¤È¤¤¤¦Ì¾Á°¤Î»ÈÍÑ¼Ô ¤Ï¸ºß¤·¤Æ¤¤¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£

5¹ÔÌܤϥ·¥¹¥¹¥Æ¥à¥æ¡¼¥¶¤Ï¶¦Í­¤Ç¤­¤ë¤³¤È¤ò¼¨¤·¤Æ¤¤¤Þ¤¹¡£qproj ¤È ¤·¤ÆÇ§¾Ú¤òÀ®¸ù¤·¤¿Á´¤Æ¤Î¥¯¥é¥¤¥¢¥ó¥È¤Ï melissa ¤ÈƱÍͤˡ¢¼ÂºÝ¤Ï pubcvs ¤Ç¤·¤Æ¼Â¹Ô¤·¤Þ¤¹¡£¤½¤Î¤è¤¦¤Ë¤¹¤ë¤³¤È¤Ç¡¢¥ê¥Ý¥¸¥È¥êÃæ¤Ë¤½ ¤ì¤¾¤ì¤Î¥×¥í¥¸¥§¥¯¥È¤´¤È¤ËñÆÈ¤Î¶¦Í­¥æ¡¼¥¶¤òºîÀ®¤¹¤ë¤³¤È¤¬¤Ç¤­¡¢¤½¤ì¤¾ ¤ì¤Î³«È¯¼Ô¤Ë $CVSROOT/CVSROOT/passwd ¥Õ¥¡¥¤¥ë¤ÇÀìÍѤιԤòÍ¿¤¨¤ë ¤³¤È¤¬¤Ç¤­¤Þ¤¹¡£¤½¤ì¤¾¤ì¤Î¹Ô¤Î CVS »ÈÍѼÔ̾¤Ï°ã¤¦¤«¤â¤·¤ì¤Þ¤»¤ó¤¬¡¢ ¥·¥¹¥Æ¥à¤Î»ÈÍѼÔ̾¤ÏƱ¤¸¤Ç¤¹¡£Ê̤ΠCVS »ÈÍѼÔ̾¤ò»È¤¦Íýͳ¤Ï¡¢CVS ¤ÏÁàºî¤ò¤½¤ì¤é¤Î̾Á°¤Çµ­Ï¿¤¹¤ë¤«¤é¤Ç¤¹: melissa ¤¬Êѹ¹¤ò¥×¥í¥¸¥§ ¥¯¥È¤Ë½ñ¤­¹þ¤à¤È¡¢¤½¤Î³ÊǼ¤Ï¥×¥í¥¸¥§¥¯¥È¤ÎÍúÎò¤Ë pubcvs ¤Ç¤Ï¤Ê ¤¯¡¢melissa ¤Î̾Á°¤Çµ­Ï¿¤µ¤ì¤Þ¤¹¡£¥·¥¹¥Æ¥à¤Î¥æ¡¼¥¶Ì¾¤ò¶¦Í­¤¹¤ë Íýͳ¤Ï¡¢¥ê¥Ý¥¸¥È¥ê¤Î³ºÅö¤¹¤ëÉôʬ¤Î»ÈÍѵö²Ä¤ò¡¢¤½¤Î¥¢¥«¥¦¥ó¥È¤Î¤ß¤¬½ñ¤­ ¹þ¤ßµö²Ä¤ò»ý¤Ä¤è¤¦¤ËÀßÄꤹ¤ë¤³¤È¤¬¤Ç¤­¤ë¤«¤é¤Ç¤¹¡£

CVS ¤Ï¥·¥¹¥Æ¥àǧ¾Ú¤ò¹Ô¤Ê¤¦¤³¤È¤â¤Ç¤­¤Þ¤¹¡£ ¥Ñ¥¹¥ï¡¼¥Éǧ¾Ú¤Ç¤Ï¡¢¤Þ¤º¥µ¡¼¥Ð¤¬¡¢$CVSROOT/CVSROOT/passwd ¥Õ¥¡¥¤¥ëÃæ¤Î¡¢»ÈÍѼԤΥ¨¥ó¥È¥ê¤ò³Îǧ¤·¤Þ¤¹¡£ »ÈÍѼԤΥ¨¥ó¥È¥ê¤¬¤¢¤ì¤Ð¡¢¤½¤Î¥¨¥ó¥È¥ê¤ò¾å¤ÇÀâÌÀ¤µ¤ì¤¿ÍÍ¤Ë Ç§¾Ú¤Ë»ÈÍѤ·¤Þ¤¹¡£ ¥æ¡¼¥¶¤òȯ¸«¤Ç¤­¤Ê¤¤¤«¡¢CVS ¤Î passwd ¥Õ¥¡¥¤¥ë¤¬ ¸ºß¤·¤Ê¤¤¾ì¹ç¤Ë¤Ï¡¢¥ª¥Ú¥ì¡¼¥Æ¥£¥ó¥°¥·¥¹¥Æ¥à¤Î»ÈÍѼԤÎÄ´ººµ¡¹½¤ò »È¤Ã¤Æ»ÈÍѼÔ̾¤È¥Ñ¥¹¥ï¡¼¥É¤È¤Îǧ¾Ú¤ò»î¤¹¤³¤È¤¬¤Ç¤­¤Þ¤¹¡£ (¤³¤Î¼ºÇÔ»þ¤Îưºî¤Ï config ¥Õ¥¡¥¤¥ë¤Ç SystemAuth=no ¤ò ÀßÄꤹ¤ë¤³¤È¤Ç¡¢»ÈÍÑÉÔǽ¤Ë¤¹¤ë¤³¤È¤¬¤Ç¤­¤Þ¤¹)¡£ ¤·¤«¤·¤Ê¤¬¤é¡¢¥·¥¹¥Æ¥à¤Îǧ¾Ú¤ËΩ¤ÁÌá¤ë¤³¤È¤Ï°ÂÁ´À­¤ÎÌÌ¤Ç ´í¸±¤òËÁ¤¹¤³¤È¤Ë¤Ê¤ë¤«¤â¤·¤ì¤Ê¤¤¤³¤È¤Ë¤ÏÃí°Õ¤·¤Æ¤¯¤À¤µ¤¤: CVS ¤ÎÁàºî¤Ï¤½¤Î¥æ¡¼¥¶¤ÎÉáÄÌ¤Î¥í¥°¥¤¥ó¥Ñ¥¹¥ï¡¼¥É¤Çǧ¾Ú¤µ¤ì¡¢ ¥Ñ¥¹¥ï¡¼¥É¤Ï¥Í¥Ã¥È¥ï¡¼¥¯¤òʿʸ¤Çή¤ì¤Þ¤¹¡£¾Ü¤·¤¯¤Ï Password authentication security ¤ò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£

¸½ºß¡¢ CVS ¤Î passwd ¥Õ¥¡¥¤¥ë¤Ë¥Ñ¥¹¥ï¡¼¥É¤ò²Ã¤¨¤ë¤Ë¤Ï¡¢ ¾¤Î¤É¤³¤«¤«¤é¥³¥Ô¡¼¤¹¤ë¤·¤«ÊýË¡¤¬¤¢¤ê¤Þ¤»¤ó¡£ ¤¤¤Ä¤ÎÆü¤« cvs passwd ¥³¥Þ¥ó¥É¤¬¤Ç¤­¤ë¤³¤È¤Ç¤·¤ç¤¦¡£

$CVSROOT/CVSROOT ¤Î¿¤¯¤Î¥Õ¥¡¥¤¥ë¤È°ã¤Ã¤Æ¡¢passwd ¥Õ¥¡¥¤ ¥ë¤Ï CVS ·Ðͳ¤Ç¤Ï¤Ê¤¯¡¢Ä¾ÀÜÊÔ½¸¤¹¤ë¤Î¤¬ÉáÄ̤Ǥ¹¡£ ¤³¤ì¤Ïpasswd ¥Õ¥¡¥¤¥ë¤¬ºî¶È¥³¥Ô¡¼¤Ë´Þ¤Þ¤ì¤Æ¤¤¤ë¥»¥­¥å¥ê¥Æ¥£¤Î ´í¸±À­¤Î¤¿¤á¤Ç¤¹¡£passwd ¥Õ¥¡¥¤¥ë¤ò $CVSROOT/CVSROOT ¤ò ¥Á¥§¥Ã¥¯¥¢¥¦¥È¤Ë´Þ¤á¤¿¤¤¾ì¹ç¤Ï checkoutlist ¤ò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£


Next: , Up: Password authenticated   [Contents][Index]