slackbuilds/development/cvsd/README

cvsd is a wrapper program for cvs in pserver mode. it will run 'cvs
pserver' under a special uid/gid in a chroot jail.

cvsd is run as a daemon and is controlled through a configuration
file. It is relatively easy to configure and provides tools for easy
setting up a chroot jail.

This server can be useful if you want to run a public cvs pserver. You
should however be aware of the security limitations of running a cvs
pserver. If you want any kind of authentication you should really
consider using secure shell as a secure authentication mechanism and
transport. Passwords used in cvs pserver are transmitted in plain
text.

This wrapper adds a layer of security to the cvs server. cvs is
a very powerful tool and is capable of running scripts and other
things. Running cvs in a chroot jail it is possible to limit the
amount of "damage" cvs can do if it is exploited. It is generally a
good idea to run cvsd without any write permissions to any directory
on the system.

Features of cvsd include:
 * running in chroot jail
 * configuring chroot jail
 * running under a non-root uid
 * set a nice value
 * limit resource usage
 * limit number of connections
 * relatively easy to set up