Re: Git cvsserver serious issue

On 09/23/2010 11:18 AM, Magnus Hagander wrote:
> On Thu, Sep 23, 2010 at 17:16, Tom Lane<tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> Magnus Hagander<magnus(at)hagander(dot)net> writes:
>>> So, I found (with some helpful hints from Robert who caught the final
>>> nail in the coffin) a good reason why we really can't run a
>>> git-cvsserver globally.
>>> Any user can point their cvs client at the repository. And check out
>>> an arbitrary branch, tag *or individual commit*. Doing so will create
>>> a 50Mb sqlite database on the server with cache information about that
>>> head.
>> I'm still wondering why we don't simply lobotomize git-cvsserver to
>> refuse requests to check out anything except the active branch tips.
>> It's only a Perl script. I could probably hack it in an hour,
>> there are those here who could do it in ten minutes.
> Yeah, that would not be a bad idea - if someone can do it who feels
> comfortable doing it :-)
>
> I could probably hack it up as well, but I wouldn't trust myself to
> have convered all the bases.
>

Are we sure that's going to stop the DOS issue?

cheers

andrew