%!PS-Adobe-2.0 %%Creator: dvipsk 5.58f Copyright 1986, 1994 Radical Eye Software %%Title: anoncvs_freenix.dvi %%Pages: 9 %%PageOrder: Ascend %%BoundingBox: 0 0 612 792 %%DocumentFonts: Times-Bold Times-Roman Times-Italic Courier %%DocumentPaperSizes: Letter %%EndComments %DVIPSCommandLine: dvips -o /tmp/anoncvs_freenix.ps anoncvs_freenix %DVIPSParameters: dpi=600, comments removed %DVIPSSource: TeX output 1999.04.26:1706 %%BeginProcSet: tex.pro /TeXDict 250 dict def TeXDict begin /N{def}def /B{bind def}N /S{exch}N /X{S N}B /TR{translate}N /isls false N /vsize 11 72 mul N /hsize 8.5 72 mul N /landplus90{false}def /@rigin{isls{[0 landplus90{1 -1}{-1 1} ifelse 0 0 0]concat}if 72 Resolution div 72 VResolution div neg scale isls{landplus90{VResolution 72 div vsize mul 0 exch}{Resolution -72 div hsize mul 0}ifelse TR}if Resolution VResolution vsize -72 div 1 add mul TR[matrix currentmatrix{dup dup round sub abs 0.00001 lt{round}if} forall round exch round exch]setmatrix}N /@landscape{/isls true N}B /@manualfeed{statusdict /manualfeed true put}B /@copies{/#copies X}B /FMat[1 0 0 -1 0 0]N /FBB[0 0 0 0]N /nn 0 N /IE 0 N /ctr 0 N /df-tail{ /nn 8 dict N nn begin /FontType 3 N /FontMatrix fntrx N /FontBBox FBB N string /base X array /BitMaps X /BuildChar{CharBuilder}N /Encoding IE N end dup{/foo setfont}2 array copy cvx N load 0 nn put /ctr 0 N[}B /df{ /sf 1 N /fntrx FMat N df-tail}B /dfs{div /sf X /fntrx[sf 0 0 sf neg 0 0] N df-tail}B /E{pop nn dup definefont setfont}B /ch-width{ch-data dup length 5 sub get}B /ch-height{ch-data dup length 4 sub get}B /ch-xoff{ 128 ch-data dup length 3 sub get sub}B /ch-yoff{ch-data dup length 2 sub get 127 sub}B /ch-dx{ch-data dup length 1 sub get}B /ch-image{ch-data dup type /stringtype ne{ctr get /ctr ctr 1 add N}if}B /id 0 N /rw 0 N /rc 0 N /gp 0 N /cp 0 N /G 0 N /sf 0 N /CharBuilder{save 3 1 roll S dup /base get 2 index get S /BitMaps get S get /ch-data X pop /ctr 0 N ch-dx 0 ch-xoff ch-yoff ch-height sub ch-xoff ch-width add ch-yoff setcachedevice ch-width ch-height true[1 0 0 -1 -.1 ch-xoff sub ch-yoff .1 sub]{ch-image}imagemask restore}B /D{/cc X dup type /stringtype ne{]} if nn /base get cc ctr put nn /BitMaps get S ctr S sf 1 ne{dup dup length 1 sub dup 2 index S get sf div put}if put /ctr ctr 1 add N}B /I{ cc 1 add D}B /bop{userdict /bop-hook known{bop-hook}if /SI save N @rigin 0 0 moveto /V matrix currentmatrix dup 1 get dup mul exch 0 get dup mul add .99 lt{/QV}{/RV}ifelse load def pop pop}N /eop{SI restore userdict /eop-hook known{eop-hook}if showpage}N /@start{userdict /start-hook known{start-hook}if pop /VResolution X /Resolution X 1000 div /DVImag X /IE 256 array N 0 1 255{IE S 1 string dup 0 3 index put cvn put}for 65781.76 div /vsize X 65781.76 div /hsize X}N /p{show}N /RMat[1 0 0 -1 0 0]N /BDot 260 string N /rulex 0 N /ruley 0 N /v{/ruley X /rulex X V}B /V {}B /RV statusdict begin /product where{pop product dup length 7 ge{0 7 getinterval dup(Display)eq exch 0 4 getinterval(NeXT)eq or}{pop false} ifelse}{false}ifelse end{{gsave TR -.1 .1 TR 1 1 scale rulex ruley false RMat{BDot}imagemask grestore}}{{gsave TR -.1 .1 TR rulex ruley scale 1 1 false RMat{BDot}imagemask grestore}}ifelse B /QV{gsave newpath transform round exch round exch itransform moveto rulex 0 rlineto 0 ruley neg rlineto rulex neg 0 rlineto fill grestore}B /a{moveto}B /delta 0 N /tail {dup /delta X 0 rmoveto}B /M{S p delta add tail}B /b{S p tail}B /c{-4 M} B /d{-3 M}B /e{-2 M}B /f{-1 M}B /g{0 M}B /h{1 M}B /i{2 M}B /j{3 M}B /k{ 4 M}B /w{0 rmoveto}B /l{p -4 w}B /m{p -3 w}B /n{p -2 w}B /o{p -1 w}B /q{ p 1 w}B /r{p 2 w}B /s{p 3 w}B /t{p 4 w}B /x{0 S rmoveto}B /y{3 2 roll p a}B /bos{/SS save N}B /eos{SS restore}B end %%EndProcSet %%BeginFont: Times-Bold % @@psencodingfile@{ % author = "S. Rahtz, P. MacKay, Alan Jeffrey, B. Horn, K. Berry", % version = "0.6", % date = "22 June 1996", % filename = "8r.enc", % email = "kb@@mail.tug.org", % address = "135 Center Hill Rd. // Plymouth, MA 02360", % codetable = "ISO/ASCII", % checksum = "119 662 4424", % docstring = "Encoding for TrueType or Type 1 fonts to be used with TeX." % @} % % Idea is to have all the characters normally included in Type 1 fonts % available for typesetting. This is effectively the characters in Adobe % Standard Encoding + ISO Latin 1 + extra characters from Lucida. % % Character code assignments were made as follows: % % (1) the Windows ANSI characters are almost all in their Windows ANSI % positions, because some Windows users cannot easily reencode the % fonts, and it makes no difference on other systems. The only Windows % ANSI characters not available are those that make no sense for % typesetting -- rubout (127 decimal), nobreakspace (160), softhyphen % (173). quotesingle and grave are moved just because it's such an % irritation not having them in TeX positions. % % (2) Remaining characters are assigned arbitrarily to the lower part % of the range, avoiding 0, 10 and 13 in case we meet dumb software. % % (3) Y&Y Lucida Bright includes some extra text characters; in the % hopes that other PostScript fonts, perhaps created for public % consumption, will include them, they are included starting at 0x12. % % (4) Remaining positions left undefined are for use in (hopefully) % upward-compatible revisions, if someday more characters are generally % available. % % (5) hyphen appears twice for compatibility with both ASCII and Windows. % /TeXBase1Encoding [ % 0x00 (encoded characters from Adobe Standard not in Windows 3.1) /.notdef /dotaccent /fi /fl /fraction /hungarumlaut /Lslash /lslash /ogonek /ring /.notdef /breve /minus /.notdef % These are the only two remaining unencoded characters, so may as % well include them. /Zcaron /zcaron % 0x10 /caron /dotlessi % (unusual TeX characters available in, e.g., Lucida Bright) /dotlessj /ff /ffi /ffl /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef % very contentious; it's so painful not having quoteleft and quoteright % at 96 and 145 that we move the things normally found there down to here. /grave /quotesingle % 0x20 (ASCII begins) /space /exclam /quotedbl /numbersign /dollar /percent /ampersand /quoteright /parenleft /parenright /asterisk /plus /comma /hyphen /period /slash % 0x30 /zero /one /two /three /four /five /six /seven /eight /nine /colon /semicolon /less /equal /greater /question % 0x40 /at /A /B /C /D /E /F /G /H /I /J /K /L /M /N /O % 0x50 /P /Q /R /S /T /U /V /W /X /Y /Z /bracketleft /backslash /bracketright /asciicircum /underscore % 0x60 /quoteleft /a /b /c /d /e /f /g /h /i /j /k /l /m /n /o % 0x70 /p /q /r /s /t /u /v /w /x /y /z /braceleft /bar /braceright /asciitilde /.notdef % rubout; ASCII ends % 0x80 /.notdef /.notdef /quotesinglbase /florin /quotedblbase /ellipsis /dagger /daggerdbl /circumflex /perthousand /Scaron /guilsinglleft /OE /.notdef /.notdef /.notdef % 0x90 /.notdef /.notdef /.notdef /quotedblleft /quotedblright /bullet /endash /emdash /tilde /trademark /scaron /guilsinglright /oe /.notdef /.notdef /Ydieresis % 0xA0 /.notdef % nobreakspace /exclamdown /cent /sterling /currency /yen /brokenbar /section /dieresis /copyright /ordfeminine /guillemotleft /logicalnot /hyphen % Y&Y (also at 45); Windows' softhyphen /registered /macron % 0xD0 /degree /plusminus /twosuperior /threesuperior /acute /mu /paragraph /periodcentered /cedilla /onesuperior /ordmasculine /guillemotright /onequarter /onehalf /threequarters /questiondown % 0xC0 /Agrave /Aacute /Acircumflex /Atilde /Adieresis /Aring /AE /Ccedilla /Egrave /Eacute /Ecircumflex /Edieresis /Igrave /Iacute /Icircumflex /Idieresis % 0xD0 /Eth /Ntilde /Ograve /Oacute /Ocircumflex /Otilde /Odieresis /multiply /Oslash /Ugrave /Uacute /Ucircumflex /Udieresis /Yacute /Thorn /germandbls % 0xE0 /agrave /aacute /acircumflex /atilde /adieresis /aring /ae /ccedilla /egrave /eacute /ecircumflex /edieresis /igrave /iacute /icircumflex /idieresis % 0xF0 /eth /ntilde /ograve /oacute /ocircumflex /otilde /odieresis /divide /oslash /ugrave /uacute /ucircumflex /udieresis /yacute /thorn /ydieresis ] def %%EndFont %%BeginProcSet: texps.pro TeXDict begin /rf{findfont dup length 1 add dict begin{1 index /FID ne 2 index /UniqueID ne and{def}{pop pop}ifelse}forall[1 index 0 6 -1 roll exec 0 exch 5 -1 roll VResolution Resolution div mul neg 0 0]/Metrics exch def dict begin Encoding{exch dup type /integertype ne{pop pop 1 sub dup 0 le{pop}{[}ifelse}{FontMatrix 0 get div Metrics 0 get div def} ifelse}forall Metrics /Metrics currentdict end def[2 index currentdict end definefont 3 -1 roll makefont /setfont load]cvx def}def /ObliqueSlant{dup sin S cos div neg}B /SlantFont{4 index mul add}def /ExtendFont{3 -1 roll mul exch}def /ReEncodeFont{/Encoding exch def}def end %%EndProcSet %%BeginProcSet: special.pro TeXDict begin /SDict 200 dict N SDict begin /@SpecialDefaults{/hs 612 N /vs 792 N /ho 0 N /vo 0 N /hsc 1 N /vsc 1 N /ang 0 N /CLIP 0 N /rwiSeen false N /rhiSeen false N /letter{}N /note{}N /a4{}N /legal{}N}B /@scaleunit 100 N /@hscale{@scaleunit div /hsc X}B /@vscale{@scaleunit div /vsc X}B /@hsize{/hs X /CLIP 1 N}B /@vsize{/vs X /CLIP 1 N}B /@clip{ /CLIP 2 N}B /@hoffset{/ho X}B /@voffset{/vo X}B /@angle{/ang X}B /@rwi{ 10 div /rwi X /rwiSeen true N}B /@rhi{10 div /rhi X /rhiSeen true N}B /@llx{/llx X}B /@lly{/lly X}B /@urx{/urx X}B /@ury{/ury X}B /magscale true def end /@MacSetUp{userdict /md known{userdict /md get type /dicttype eq{userdict begin md length 10 add md maxlength ge{/md md dup length 20 add dict copy def}if end md begin /letter{}N /note{}N /legal{} N /od{txpose 1 0 mtx defaultmatrix dtransform S atan/pa X newpath clippath mark{transform{itransform moveto}}{transform{itransform lineto} }{6 -2 roll transform 6 -2 roll transform 6 -2 roll transform{ itransform 6 2 roll itransform 6 2 roll itransform 6 2 roll curveto}}{{ closepath}}pathforall newpath counttomark array astore /gc xdf pop ct 39 0 put 10 fz 0 fs 2 F/|______Courier fnt invertflag{PaintBlack}if}N /txpose{pxs pys scale ppr aload pop por{noflips{pop S neg S TR pop 1 -1 scale}if xflip yflip and{pop S neg S TR 180 rotate 1 -1 scale ppr 3 get ppr 1 get neg sub neg ppr 2 get ppr 0 get neg sub neg TR}if xflip yflip not and{pop S neg S TR pop 180 rotate ppr 3 get ppr 1 get neg sub neg 0 TR}if yflip xflip not and{ppr 1 get neg ppr 0 get neg TR}if}{noflips{TR pop pop 270 rotate 1 -1 scale}if xflip yflip and{TR pop pop 90 rotate 1 -1 scale ppr 3 get ppr 1 get neg sub neg ppr 2 get ppr 0 get neg sub neg TR}if xflip yflip not and{TR pop pop 90 rotate ppr 3 get ppr 1 get neg sub neg 0 TR}if yflip xflip not and{TR pop pop 270 rotate ppr 2 get ppr 0 get neg sub neg 0 S TR}if}ifelse scaleby96{ppr aload pop 4 -1 roll add 2 div 3 1 roll add 2 div 2 copy TR .96 dup scale neg S neg S TR}if}N /cp {pop pop showpage pm restore}N end}if}if}N /normalscale{Resolution 72 div VResolution 72 div neg scale magscale{DVImag dup scale}if 0 setgray} N /psfts{S 65781.76 div N}N /startTexFig{/psf$SavedState save N userdict maxlength dict begin /magscale true def normalscale currentpoint TR /psf$ury psfts /psf$urx psfts /psf$lly psfts /psf$llx psfts /psf$y psfts /psf$x psfts currentpoint /psf$cy X /psf$cx X /psf$sx psf$x psf$urx psf$llx sub div N /psf$sy psf$y psf$ury psf$lly sub div N psf$sx psf$sy scale psf$cx psf$sx div psf$llx sub psf$cy psf$sy div psf$ury sub TR /showpage{}N /erasepage{}N /copypage{}N /p 3 def @MacSetUp}N /doclip{ psf$llx psf$lly psf$urx psf$ury currentpoint 6 2 roll newpath 4 copy 4 2 roll moveto 6 -1 roll S lineto S lineto S lineto closepath clip newpath moveto}N /endTexFig{end psf$SavedState restore}N /@beginspecial{SDict begin /SpecialSave save N gsave normalscale currentpoint TR @SpecialDefaults count /ocount X /dcount countdictstack N}N /@setspecial {CLIP 1 eq{newpath 0 0 moveto hs 0 rlineto 0 vs rlineto hs neg 0 rlineto closepath clip}if ho vo TR hsc vsc scale ang rotate rwiSeen{rwi urx llx sub div rhiSeen{rhi ury lly sub div}{dup}ifelse scale llx neg lly neg TR }{rhiSeen{rhi ury lly sub div dup scale llx neg lly neg TR}if}ifelse CLIP 2 eq{newpath llx lly moveto urx lly lineto urx ury lineto llx ury lineto closepath clip}if /showpage{}N /erasepage{}N /copypage{}N newpath }N /@endspecial{count ocount sub{pop}repeat countdictstack dcount sub{ end}repeat grestore SpecialSave restore end}N /@defspecial{SDict begin} N /@fedspecial{end}B /li{lineto}B /rl{rlineto}B /rc{rcurveto}B /np{ /SaveX currentpoint /SaveY X N 1 setlinecap newpath}N /st{stroke SaveX SaveY moveto}N /fil{fill SaveX SaveY moveto}N /ellipse{/endangle X /startangle X /yrad X /xrad X /savematrix matrix currentmatrix N TR xrad yrad scale 0 0 1 startangle endangle arc savematrix setmatrix}N end %%EndProcSet TeXDict begin 40258431 52099146 1000 600 600 (anoncvs_freenix.dvi) @start /Fa 138[40 40 40 40 40 40 40 2[40 4[40 40 40 2[40 11[40 2[40 15[40 19[40 40 46[{ TeXBase1Encoding ReEncodeFont }17 66.666667 /Courier rf /Fb 107[29 29 25[33 1[48 33 33 18 26 22 1[33 33 33 52 18 33 1[18 33 33 22 29 33 29 33 29 3[22 1[22 4[48 1[41 37 44 48 37 9[37 2[44 44 48 8[33 9[17 22 17 2[22 22 36[37 37 2[{ TeXBase1Encoding ReEncodeFont }44 66.666667 /Times-Roman rf /Fc 204[25 25 25 49[{ TeXBase1Encoding ReEncodeFont }3 50.000001 /Times-Roman rf /Fd 134[42 2[42 46 28 1[37 2[42 46 69 23 1[28 23 2[28 37 1[37 1[42 12[55 46 2[51 3[55 2[32 3[55 1[60 8[28 55[46 2[{ TeXBase1Encoding ReEncodeFont }24 83.333337 /Times-Bold rf /Fe 204[29 29 29 49[{ TeXBase1Encoding ReEncodeFont }3 58.333334 /Times-Roman rf /Ff 103[50 29[50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 7[50 2[50 1[50 50 50 2[50 50 50 50 5[50 50 50 50 50 50 50 5[50 2[50 3[50 50 1[50 50 50 50 9[50 35[{ TeXBase1Encoding ReEncodeFont }52 83.333337 /Courier rf /Fg 105[42 28[37 37 55 1[42 23 32 32 1[42 42 42 60 23 2[23 42 42 23 37 42 37 1[42 8[51 2[60 46 42 2[51 60 55 69 3[28 3[51 60 55 51 51 12[42 5[21 7[65 38[{ TeXBase1Encoding ReEncodeFont }38 83.333337 /Times-Italic rf /Fh 104[83 42 1[37 37 24[37 42 42 60 42 42 23 32 28 42 42 42 42 65 23 42 23 23 42 42 28 37 42 37 42 37 3[28 1[28 2[60 78 60 60 51 46 55 60 46 60 60 74 51 60 32 28 60 60 46 51 60 55 55 60 6[23 42 42 42 42 42 42 42 42 42 42 23 21 28 21 2[28 28 28 35[46 46 2[{ TeXBase1Encoding ReEncodeFont }76 83.333337 /Times-Roman rf /Fi 134[50 3[55 33 39 44 1[55 50 55 83 28 2[28 55 50 33 44 55 44 55 50 10[72 1[66 55 72 2[78 1[94 3[39 1[78 2[72 72 1[72 11[50 50 50 50 50 2[25 33 45[{ TeXBase1Encoding ReEncodeFont }37 100.000003 /Times-Bold rf /Fj 138[45 45 45 45 1[45 45 45 45 1[45 2[45 45 1[45 45 45 45 45 32[45 17[45 46[{ TeXBase1Encoding ReEncodeFont }18 75.000000 /Courier rf /Fk 134[44 1[66 2[28 39 39 1[50 50 50 72 28 44 28 1[50 50 1[44 50 44 50 50 11[72 55 50 61 1[61 72 66 1[55 1[44 3[61 1[72 66 61 61 19[33 25 5[78 38[{ TeXBase1Encoding ReEncodeFont }36 100.000003 /Times-Italic rf /Fl 139[28 39 33 2[50 50 1[28 3[50 2[44 50 2[44 12[61 1[66 13[72 66 20[25 46[{ TeXBase1Encoding ReEncodeFont }15 100.000003 /Times-Roman rf /Fm 134[60 3[66 40 47 53 1[66 60 66 100 3[33 66 60 1[53 1[53 11[120 86 1[80 66 86 2[93 11[86 1[86 65[{ TeXBase1Encoding ReEncodeFont }22 119.999948 /Times-Bold rf end %%EndProlog %%BeginSetup %%Feature: *Resolution 600dpi TeXDict begin %%PaperSize: Letter %%EndSetup %%Page: 1 1 1 0 bop 519 407 a Fm(Opening)31 b(The)g(Sour)n(ce)f(Repository)g(W)n (ith)g(Anonymous)g(CVS)854 787 y Fl(Charles)c(D.)e(Cranor)905 b(Theo)25 b(de)g(Raadt)787 991 y Fk(A)l(T&T)g(Labs-Resear)l(c)o(h)683 b(The)26 b(OpenBSD)e(Pr)l(oject)576 1108 y(Florham)g(P)-8 b(ark,)24 b(Ne)o(w)i(J)n(er)o(se)m(y)-5 b(,)24 b(USA)398 b(Calgary)-5 b(,)24 b(Alberta,)g(Canada)725 1224 y Fj (chuck@research.att.com)613 b(deraadt@openbsd.org)745 1583 y Fi(Abstract)0 1738 y Fh(Anon)o(ymous)32 b(CVS)j(is)h(an)f(adv)n (anced)d(source)i(\002le)h(distrib)n(u-)0 1838 y(tion)29 b(mechanism)f(we)h(created)g(to)g(allo)n(w)g Fg(open)f(sour)m(ce)h Fh(soft-)0 1937 y(w)o(are)24 b(projects)g(to)h(distrib)n(ute)f(source)f (code)h(and)g(information)0 2037 y(about)k(code)f(to)i(Internet)e (users.)51 b(Built)29 b(on)f(top)g(of)g(the)h(Con-)0 2137 y(current)19 b(V)-9 b(ersions)20 b(System)g(\(CVS\))h(re)n(vision) e(control)h(system,)0 2236 y(Anon)o(ymous)33 b(CVS)k(safely)e(allo)n (ws)h(anon)o(ymous)d(read-only)0 2336 y(access)e(to)f(a)g(CVS)h(source) f(repository)-5 b(.)52 b(Prior)29 b(to)h(the)h(intro-)0 2436 y(duction)16 b(of)h(Anon)o(ymous)e(CVS,)j(access)g(to)f(a)h(CVS)g (repository)0 2535 y(had)24 b(to)g(be)h(restricted)f(to)g(a)h(select)g (group)d(of)j(pri)n(vile)o(ged)d(soft-)0 2635 y(w)o(are)16 b(de)n(v)o(elopers.)22 b(The)16 b(adv)n(antage)f(of)h(open)f(source)h (softw)o(are)0 2734 y(is)35 b(that)g(it)g(promotes)e(reliability)h(and) g(quality)f(by)i(allo)n(wing)0 2834 y(independent)26 b(peer)i(re)n(vie)n(w)g(and)f(rapid)h(e)n(v)n(olution)f(of)h(source)0 2934 y(code.)61 b(By)33 b(introducing)d(Anon)o(ymous)f(CVS,)34 b(we)e(ha)n(v)o(e)g(e)o(x-)0 3033 y(tended)26 b(the)h(concept)e(of)i (open)f(source)g(softw)o(are)g(projects)g(to)0 3133 y Fg(open)20 b(sour)m(ce)h(r)m(epository)g Fh(projects.)28 b(Ha)n(ving)20 b(an)h(open)f(source)0 3233 y(repository)h(allo)n(ws)j (users)f(to)h(tak)o(e)f(a)h(more)e(acti)n(v)o(e)h(role)g(in)h(the)0 3332 y(deb)n(ugging)19 b(and)j(de)n(v)o(elopment)d(of)i(open)g(source)g (projects.)30 b(In)0 3432 y(this)37 b(paper)f(we)h(will)g(e)o(xamine)f (and)g(compare)f(the)i(mecha-)0 3531 y(nisms)24 b(used)g(by)g(open)f (source)g(projects)h(to)g(distrib)n(ute)f(source)0 3631 y(code.)56 b(W)-7 b(e)32 b(will)g(present)e(the)g(design)h(and)f (implementation)0 3731 y(of)f(the)g(\002rst)g(Anon)o(ymous)d(CVS)k (serv)o(er)f(\(used)f(to)h(distrib)n(ute)0 3830 y(the)22 b(OpenBSD)g(operating)f(system\).)30 b(W)-7 b(e)24 b(will)f(e)o(xplain) e(some)0 3930 y(of)30 b(our)g(concerns)f(\(e.g.,)i(security\))f(and)g (some)g(of)g(the)g(prob-)0 4030 y(lems)18 b(we)g(f)o(aced)g(when)f (trying)f(to)i(adapt)f(CVS)i(for)e(anon)o(ymous)0 4129 y(use.)41 b(W)-7 b(e)27 b(also)f(will)g(present)f(other)g(more)f (recent)h(source)g(\002le)0 4229 y(distrib)n(ution)c(mechanisms)h(that) g(mak)o(e)g(use)h(of)f(an)g(open)g(CVS)0 4328 y(repository)-5 b(.)71 b(Anon)o(ymous)34 b(CVS)k(is)f(currently)e(bring)g(used)0 4428 y(by)20 b(a)h(number)e(of)i(projects)f(including)f(OpenBSD,)h (FreeBSD,)0 4528 y(Mozilla,)g(Ecgs,)g(Gnome,)f(Python,)f(and)i (GNUstep.)0 4805 y Fi(1)99 b(Intr)n(oduction)0 5001 y Fh(Ov)o(er)22 b(the)h(past)g(fe)n(w)f(years)h(open)e(source)h(softw)o (are)g(has)h(made)0 5101 y(signi\002cant)16 b(inroads)g(in)h(the)f (mainstream)g(softw)o(are)g(w)o(orld)g([7].)0 5201 y(The)h(popularity)f (of)h(open)f(source)h(operating)f(systems)i(such)f(as)0 5300 y(Linux)25 b([12)n(])h(and)f(BSD)i([5)o(])f(has)g(generated)e (great)i(interest)f(in)0 5400 y(the)g(open)f(source)h(de)n(v)o (elopment)d(softw)o(are)j(model.)38 b(The)25 b(k)o(e)o(y)2010 1583 y(attrib)n(utes)i(of)h(the)f(open)g(source)f(model)h(are)g(that)h (the)f(source)2010 1683 y(code)i(for)g(a)h(softw)o(are)f(project)g(is)i (freely)d(a)n(v)n(ailable)i(\(usually)2010 1782 y(o)o(v)o(er)k(the)h (Internet\))e(and)i(that)g(the)g(code')-5 b(s)35 b(license)g(guaran-) 2010 1882 y(tees)28 b(the)g(right)f(to)h(read,)h(redistrib)n(ute,)f (modify)-5 b(,)27 b(and)h(use)g(the)2010 1982 y(code)17 b(freely)-5 b(.)23 b(The)17 b(adv)n(antage)f(of)i(open)f(source)g (softw)o(are)g(o)o(v)o(er)2010 2081 y(closed)24 b(proprietary)e(softw)o (are)i(is)h(that)f(it)h(promotes)e(softw)o(are)2010 2181 y(reliability)32 b(and)g(quality)g(by)h(supporting)d(independent)g (peer)2010 2280 y(re)n(vie)n(w)25 b(and)h(rapid)f(e)n(v)n(olution)g(of) h(source)f(code.)42 b(An)o(yone)24 b(on)2010 2380 y(the)g(Internet)f (can)h(do)n(wnload,)e(e)o(xamine,)i(enhance,)f(or)h(deb)n(ug)2010 2480 y(an)k(open)f(source)g(program.)46 b(This)28 b(enables)g(an)f (open)g(source)2010 2579 y(project)14 b(to)i(ha)n(v)o(e)f(a)g(lar)o(ge) g(Internet-based)d(international)i(de)n(v)o(el-)2010 2679 y(oper)25 b(community)f(that)j(is)g(constantly)e(w)o(orking)g(on)h (impro)o(v-)2010 2779 y(ing)20 b(the)g(project.)2093 2894 y(While)28 b(all)g(users)g(bene\002t)f(from)g(the)g(open)g(source) g(model,)2010 2993 y(only)21 b(a)i(relati)n(v)o(ely)e(fe)n(w)h(users)h (tak)o(e)f(adv)n(antage)e(of)i(ha)n(ving)g(ac-)2010 3093 y(cess)35 b(to)g(the)f(source)f(code.)67 b(In)34 b(f)o(act,)k(most)c (users)h(of)f(open)2010 3193 y(source)e(programs)f(install)j (pre-compiled)c(v)o(ersions)i(of)h(pro-)2010 3292 y(grams)f(from)g(CDR) m(OM)h(distrib)n(utions)f(or)g(the)h(Internet)e(and)2010 3392 y(ne)n(v)o(er)23 b(bother)g(to)h(either)g(do)n(wnload,)f(inspect,) i(or)f(modify)f(the)2010 3492 y(source)16 b(code.)23 b(The)16 b(fe)n(w)g(users)g(who)g(do)g(deal)g(directly)g(with)h(the) 2010 3591 y(source)24 b(code)g(are)h(usually)f(open)g(source)g(de)n(v)o (elopers.)37 b(These)2010 3691 y(de)n(v)o(elopers)27 b(ha)n(v)o(e)i(special)g(needs)g(that)g(are)h(only)e(partly)g(met)2010 3790 y(by)c(projects)g(that)h(that)g(\002t)g(the)g(standard)f (de\002nition)f(of)i(\223open)2010 3890 y(source\224)h([7)o(].)44 b(F)o(or)26 b(e)o(xample,)h(in)g(addition)e(to)i(ha)n(ving)e(access) 2010 3990 y(to)f(current)f(snapshot)g(of)h(a)h(project')-5 b(s)24 b(source)f(code,)h(it)h(is)g(also)2010 4089 y(useful)15 b(to)h(ha)n(v)o(e)g(access)g(to)g(older)f(v)o(ersions)g(of)g(source)h (\002les,)h(an-)2010 4189 y(notated)23 b(per)n(-\002le)g(re)n(vision)f (logs)i(\(GNU-style)f(\223ChangeLog\224)2010 4289 y(\002les)h(are)e(a)i (poor)d(substitute)i(for)f(this\),)h(and)g(the)f(ability)h(to)g(set) 2010 4388 y(the)c(\002les)h(in)f(a)g(source)f(tree)h(to)g(a)g (speci\002c)g(date)g(or)f(release.)25 b(It)19 b(is)2010 4488 y(also)25 b(useful)f(to)h(be)f(able)h(to)f(update)g(a)h(source)e (tree)i(to)g(the)f(lat-)2010 4587 y(est)30 b(v)o(ersion)f(without)g(ha) n(ving)f(to)i(do)n(wnload)e(the)h(entire)h(tree)2010 4687 y(while)j(preserving)e(local)i(changes.)63 b(Historically)-5 b(,)36 b(re)n(vision)2010 4787 y(control)27 b(systems)i(such)f(as)h (the)g(Source)e(Code)i(Control)e(Sys-)2010 4886 y(tem)19 b(\(SCCS\))h([9)o(])f(and)f(the)h(Re)n(vision)g(Control)f(System)h (\(RCS\))2010 4986 y([11)o(])h(ha)n(v)o(e)g(pro)o(vided)e(some)i(of)g (these)g(features)g(on)g(a)h(local)f(ba-)2010 5086 y(sis.)2093 5201 y(RCS)i(and)d(SCCS)j(were)e(designed)e(to)j(manage)d(small-scale) 2010 5300 y(projects)30 b(with)h(a)g(centralized)f(set)h(of)g(de)n(v)o (elopers)e(thus)h(the)o(y)2010 5400 y(are)24 b(not)f(well-suited)g(for) g(lar)o(ge)g(Internet-based)e(open)h(source)p eop %%Page: 2 2 2 1 bop 0 83 a Fh(softw)o(are)21 b(projects.)29 b(Neither)21 b(system)h(has)g(an)f(Internet)f(serv)o(er)0 183 y(function)k(that)i (allo)n(ws)g(de)n(v)o(elopers)e(to)i(check)e(out)i(a)g(w)o(orking)0 282 y(cop)o(y)20 b(of)h(a)h(source)e(tree)h(on)g(their)g(local)g (systems,)h(mak)o(e)f(mod-)0 382 y(i\002cations)j(to)h(it,)h(and)e (then)g(mer)o(ge)f(those)i(changes)e(back)h(into)0 482 y(the)d(main)g(repository)-5 b(.)27 b(The)21 b(introduction)e(of)i(the) g(RCS-based)0 581 y(Concurrent)g(V)-9 b(ersions)23 b(System)g(\(CVS\))g ([1)o(])h(re)n(vision)e(control)0 681 y(system)34 b(addresses)g(these)g (issues.)68 b(It)34 b(allo)n(ws)g(lar)o(ge)f(source)0 780 y(trees)c(to)f(be)g(managed)f(as)i(a)g(group)d(under)h(RCS,)j(and)d (it)i(has)0 880 y(a)22 b(netw)o(ork)f(serv)o(er)g(mode)g(that)h(allo)n (ws)h(de)n(v)o(elopers)c(to)k(be)e(dis-)0 980 y(trib)n(uted)h(across)g (the)g(Internet)f(and)h(yet)h(share)f(the)g(same)h(CVS)0 1079 y(source)c(repository)-5 b(.)83 1197 y(Prior)20 b(to)h(our)f(w)o(ork)g(on)h(Anon)o(ymous)d(CVS,)j(in)g(order)f(to)h(be) 0 1297 y(able)27 b(to)h(use)f(CVS)h(to)g(access)g(a)f(source)g (repository)e(one)i(had)0 1397 y(to)i(ha)n(v)o(e)f(an)g(account)g(on)g (the)h(machine)e(hosting)h(the)g(reposi-)0 1496 y(tory)-5 b(.)31 b(Furthermore,)20 b(the)j(account)e(had)h(to)g(ha)n(v)o(e)g (write)h(access)0 1596 y(to)31 b(the)h(RCS)g(\002les)g(in)g(the)f (repository)-5 b(.)56 b(Thus,)33 b(open)d(source)0 1695 y(projects)20 b(that)h(used)f(CVS)i(to)f(manage)e(their)h(source)g (trees)h(had)0 1795 y(to)e(restrict)g(access)h(to)f(their)g (repositories)f(to)h(a)g(select)h(group)d(of)0 1895 y(pri)n(vile)o(ged) j(softw)o(are)h(de)n(v)o(elopers)f(in)i(order)e(to)i(protect)f(them-)0 1994 y(selv)o(es)28 b(from)e(malicious)h(attacks)h(on)f(their)h(source) e(tree.)48 b(An)0 2094 y(unfortunate)23 b(side)j(ef)n(fect)f(of)g(this) h(w)o(as)h(non-pri)n(vile)o(ged)21 b(users)0 2194 y(and)k(de)n(v)o (elopers)f(could)h(not)g(access)i(the)f(CVS-based)f(source)0 2293 y(tree)20 b(and)g(thus)g(were)g(lock)o(ed)f(out)h(from)f(the)i (information)c(con-)0 2393 y(tained)31 b(in)g(it.)59 b(Den)o(ying)29 b(users)j(access)g(to)f(this)h(information)0 2492 y(runs)22 b(counter)e(to)j(the)f(open)f(source)g(philosophy)f(and) h(reduces)0 2592 y(the)g(ef)n(fecti)n(v)o(eness)e(of)h(the)h(open)f (source)g(de)n(v)o(elopment)d(model)0 2692 y(by)28 b(making)f(it)j (more)d(dif)n(\002cult)h(for)g(non-pri)n(vile)o(ged)d(users)j(to)0 2791 y(do)n(wnload,)18 b(deb)n(ug,)h(and)g(manage)g(their)h(source)g (trees.)83 2909 y(In)32 b(the)h(F)o(all)g(of)g(1995)e(when)h(we)h (started)g(our)e(o)n(wn)i(open)0 3009 y(source)h(operating)f(system)i (project)e(called)i(OpenBSD,)f(we)0 3109 y(decided)g(to)h(use)g(CVS)g (to)g(manage)f(the)h(OpenBSD)f(source)0 3208 y(tree.)44 b(Based)27 b(on)f(our)f(e)o(xperiences)g(with)h(the)h(pre)n(vious)e (open)0 3308 y(source)33 b(project)f(we)i(were)f(in)m(v)n(olv)o(ed)e (with,)37 b(we)d(recognized)0 3407 y(the)20 b(inherent)f(con\003ict)h (between)g(trying)f(to)i(maintain)e(an)i(open)0 3507 y(en)m(vironment)33 b(while)k(maintaining)d(a)j(pri)n(v)n(ate)e(CVS)i (source)0 3607 y(repository)29 b(that)i(only)e(pri)n(vile)o(ged)g (users)i(could)e(access.)57 b(T)-7 b(o)0 3706 y(resolv)o(e)27 b(this)i(con\003ict)f(we)g(created)g(Anon)o(ymous)d(CVS)k(\227)g(a)0 3806 y(mechanism)35 b(that)h(lets)h(anon)o(ymous)c(Internet)i(users)h (access)0 3906 y(a)30 b(source)e(repository)g(without)h(compromising)d (its)31 b(security)-5 b(.)0 4005 y(Anon)o(ymous)14 b(CVS)k(e)n(v)n(olv) o(es)f(the)g(open)f(source)g(concept)g(to)i(the)0 4105 y(ne)o(xt)31 b(le)n(v)o(el:)47 b Fg(open)30 b(sour)m(ce)h(r)m (epository)p Fh(.)58 b(The)31 b(adv)n(antage)e(of)0 4204 y(open)d(source)g(repository)g(projects)g(o)o(v)o(er)g(plain)g(open)g (source)0 4304 y(projects)i(is)i(that)g(it)f(puts)g(the)g(information)e (and)h(po)n(wer)g(con-)0 4404 y(tained)21 b(in)g(a)g(CVS-based)g (source)g(repository)e(in)i(the)g(hands)g(of)0 4503 y(the)i(a)n(v)o (erage)f(de)n(v)o(eloper)-5 b(.)33 b(W)m(ith)23 b(Anon)o(ymous)e(CVS)j (the)f(re)n(vi-)0 4603 y(sions,)j(histories,)f(and)g(branches)e(of)h(a) i(CVS)f(tree)g(are)g(public.)0 4703 y(Anon)o(ymous)f(CVS)29 b(mak)o(es)e(it)h(easy)f(to)h(k)o(eep)e(a)i(lar)o(ge)e(source)0 4802 y(tree)18 b(up)g(to)g(date,)g(e)n(v)o(en)g(o)o(v)o(er)e(a)j(slo)n (w-speed)e(modem)g(link.)24 b(The)0 4902 y(OpenBSD)15 b(project)g(e)n(v)o(en)g(ships)g(its)i(CDR)m(OM)f(with)g(a)g(check)o (ed)0 5001 y(out)k(CVS)i(tree)f(so)g(that)f(OpenBSD)h(users)g(who)f (are)g(interested)0 5101 y(in)36 b(using)e(CVS)j(can)e(start)h(right)f (a)o(w)o(ay)g(without)f(ha)n(ving)g(to)0 5201 y(do)n(wnload)14 b(the)i(whole)f(tree)h(from)e(scratch.)24 b(Anon)o(ymous)13 b(CVS)0 5300 y(also)33 b(acts)h(as)g(a)g(training)e(ground)f(by)h(allo) n(wing)h(de)n(v)o(elopers)0 5400 y(ne)n(w)25 b(to)g(the)g(project)f (and/or)g(CVS)i(to)g(safely)f(get)g(e)o(xperience)2010 83 y(with)c(the)h Ff(cvs)f Fh(command)e(before)h(being)g(gi)n(v)o(en)g (write)h(access)2010 183 y(to)j(the)f(repository)-5 b(.)34 b(W)-7 b(e)24 b(belie)n(v)o(e)f(that)h(once)f(de)n(v)o(elopers)e(ha)n (v)o(e)2010 282 y(had)29 b(e)o(xperience)e(with)j(an)f(open)g(source)g (repository)e(project)2010 382 y(the)o(y)19 b(will)h(\002nd)f(the)g(de) n(v)o(elopment)e(en)m(vironment)f(of)n(fered)h(by)i(a)2010 482 y(plain)h(open)f(source)g(project)h(to)g(be)g(inadequate.)2093 581 y(In)e(this)i(paper)d(we)i(e)o(xamine)e(the)i(issue)g(of)g(source)f (code)f(dis-)2010 681 y(trib)n(ution)e(for)g(open)f(source)h(projects.) 23 b(In)16 b(Section)f(2)h(we)g(e)o(xam-)2010 781 y(ine)31 b(non-CVS)f(based)g(distrib)n(ution)f(mechanisms)h(used)h(\(for)2010 880 y(the)e(most)f(part\))g(prior)g(to)g(the)h(introduction)d(of)i (Anon)o(ymous)2010 980 y(CVS.)k(In)g(Section)f(3)h(we)g(describe)f(the) g(design)g(and)g(imple-)2010 1080 y(mentation)25 b(the)h(\002rst)h (Anon)o(ymous)d(CVS)j(serv)o(ers,)g(including)2010 1179 y(issues)h(such)f(CVS)h(limitations,)h(\002le)f(locking,)f(and)g (security)-5 b(.)2010 1279 y(In)29 b(Section)f(4)i(we)f(present)f (other)h(CVS-based)f(open)g(source)2010 1378 y(repository)h(distrib)n (ution)g(tools)i(that)g(were)g(introduced)d(after)2010 1478 y(introduction)c(of)j(Anon)o(ymous)c(CVS.)28 b(Finally)-5 b(,)27 b(in)g(Section)f(5)2010 1578 y(we)21 b(close)f(by)h(pro)o (viding)c(pointers)j(to)g(the)h(source)f(code)f(of)i(the)2010 1677 y(currently)31 b(a)n(v)n(ailable)i(open)f(source)g(repository)g (distrib)n(ution)2010 1777 y(tools)c(and)g(also)h(a)f(list)i(of)e(open) f(source)h(repository)e(projects)2010 1877 y(and)20 b(their)g(respecti) n(v)o(e)f(CVS)i(serv)o(ers.)2010 2125 y Fi(2)99 b(T)-7 b(raditional)25 b(Distrib)n(ution)g(Mechanisms)2010 2311 y Fh(T)m(raditionally)-5 b(,)16 b(open)h(source)h(projects)g(ha)n(v)o (e)f(distrib)n(uted)h(their)2010 2411 y(source)g(code)h(through)e(a)j (number)d(of)i(non-CVS)g(based)g(mech-)2010 2511 y(anisms)51 b(including)d(USENET)i Ff(comp.sources)f Fh(ne)n(ws-)2010 2610 y(groups,)60 b(anon)o(ymous)50 b(FTP)-9 b(,)53 b(web,)62 b(and)52 b(SUP)-9 b(.)54 b(Recently)2010 2710 y(projects)37 b(ha)n(v)o(e)g(also)h(started)f(using)g(Rsync)g(and)g(CTM)h(for)2010 2809 y(source)17 b(distrib)n(ution.)23 b(While)18 b(each)f(of)h(these)g (mechanisms)f(are)2010 2909 y(useful)f(for)g(distrib)n(uting)f(code,)h (the)o(y)g(do)g(not)g(address)g(the)h(issue)2010 3009 y(of)h(distrib)n(uting)f(the)h(types)g(of)g(meta)g(information)e(a)n(v) n(ailable)h(in)2010 3108 y(a)33 b(CVS)g(source)f(repository)-5 b(.)59 b(In)31 b(this)i(section)f(we)h(e)o(xamine)2010 3208 y(each)20 b(of)g(these)g(mechanisms)f(in)i(more)e(detail.)2093 3308 y(In)f(the)h(1980s)f(and)g(early)g(1990s)f(the)i(moderated)e (USENET)2010 3407 y Ff(comp.sources)33 b Fh(ne)n(wsgroups)h(were)h(a)g (popular)e(w)o(ay)i(to)2010 3507 y(distrib)n(ute)29 b(open)f(source)g (code.)52 b(T)-7 b(o)29 b(submit)g(a)h(program,)f(an)2010 3607 y(author)21 b(e-mailed)g(the)h(source)g(code)f(to)i(the)f (moderator)e(of)i(the)2010 3706 y(appropriate)c(USENET)i(group.)j(The)d (moderator)e(w)o(ould)h(then)2010 3806 y(compile)e(and)h(test)h(the)f (code,)g(and)g(if)h(the)f(program)e(functioned)2010 3906 y(properly)21 b(post)j(it)g(to)g(the)f(ne)n(wsgroup)f(as)i(a)g(series)g (of)f(articles.)2010 4005 y(As)i(the)g(postings)f(w)o(ork)o(ed)f(their) h(w)o(ay)h(through)d(the)j(netw)o(ork,)2010 4105 y(users)h(w)o(ould)f (collect)h(them)g(and)f(unpack,)g(compile,)h(and)g(in-)2010 4204 y(stall)j(the)f(program.)46 b(As)29 b(the)f(program)e(e)n(v)n(olv) o(ed,)i(the)g(author)2010 4304 y(of)33 b(the)g(program)e(could)h(forw)o (ard)g(patches)h(to)g(the)g(modera-)2010 4404 y(tor)e(to)h(test)h(and)e (post)g(to)h(the)g(ne)n(wsgroup.)56 b(There)31 b(are)h(se)n(v-)2010 4503 y(eral)c(problems)f(that)i(mak)o(e)f(these)g(USENET)h(ne)n (wsgroups)d(a)2010 4603 y(less)d(than)e(ideal)h(forum)e(for)i(the)f (distrib)n(ution)g(of)h(open)e(source)2010 4703 y(code.)41 b(First,)27 b(the)f(group)e(moderator)g(is)i(a)g(bottleneck.)40 b(Post-)2010 4802 y(ings)23 b(can)f(be)h(delayed)f(weeks)g(or)h(e)n(v)o (en)f(months)f(a)o(w)o(aiting)i(the)2010 4902 y(moderators)35 b(attention.)75 b(This)38 b(does)f(not)g(mesh)g(well)g(with)2010 5001 y(the)15 b(rapid)g(de)n(v)o(elopment)e(en)m(vironment)f (associated)j(with)h(open)2010 5101 y(source)23 b(projects.)34 b(While)24 b(it)g(is)h(possible)e(to)g(ha)n(v)o(e)g(an)h(unmod-)2010 5201 y(erated)c(source)g(ne)n(wsgroup,)f(it)i(is)h(not)e(practical)g (due)h(to)g(ab)n(un-)2010 5300 y(dance)d(of)h(non-uniform)c(and)k (non-source)d(postings)j(\(e.g.,)f(see)2010 5400 y Ff(alt.sources)p Fh(\).)32 b(Second,)23 b(moderating)e(an)i(acti)n(v)o(e)f(source)p eop %%Page: 3 3 3 2 bop 0 83 a Fh(ne)n(wsgroup)29 b(is)j(hard)e(w)o(ork)h(and)f(it)i (is)g(dif)n(\002cult)f(to)g(\002nd)g(v)n(ol-)0 183 y(unteers)26 b(to)h(perform)d(this)j(thankless)f(task.)45 b(Third,)26 b(handling)0 282 y(multipart)38 b(source)h(postings)f(is)i(irritating)f (for)f(users)h(since)0 382 y(the)o(y)23 b(must)h(collect)g(all)h(the)f (parts)g(\(tracking)e(do)n(wn)h(parts)h(that)0 482 y(are)31 b(missing\))g(and)g(then)g(assemble)h(them)f(together)-5 b(.)57 b(Gi)n(v)o(en)0 581 y(the)30 b(ab)n(undance)e(of)i(Internet)f (connecti)n(vity)-5 b(,)30 b(it)h(is)g(often)e(eas-)0 681 y(ier)j(to)g(just)g(FTP)h(the)f(sources)f(rather)g(than)h(try)f (and)h(collect)0 780 y(them)26 b(from)g(USENET)-6 b(.)26 b(Thus,)i(it)f(is)h(not)e(surprising)g(that)h(the)0 880 y(USENET)20 b(source)f(ne)n(wsgroups)g(are)h(no)n(w)f(mostly)h(inacti)n (v)o(e.)83 998 y(Anon)o(ymous)27 b(FTP)j(and)g(web)f(serv)o(ers)h(are)f (popular)f(w)o(ays)0 1098 y(to)f(distrib)n(ute)g(both)f(binary)f(and)i (source)f(code.)44 b(Archi)n(ving)25 b(a)0 1197 y(collection)c(of)g (tar)m(,)h(zip,)g(or)g(RPM)g(\002les)h(containing)d(snapshots)0 1297 y(of)27 b(a)g(project')-5 b(s)27 b(source)f(code)g(allo)n(ws)h (users)h(to)f(con)m(v)o(eniently)0 1397 y(access)f(programs)e(on)h (demand)f(through)g(the)i(Internet.)40 b(W)-7 b(eb)0 1496 y(serv)o(ers)30 b(ha)n(v)o(e)g(the)g(additional)f(adv)n(antage)g (of)h(being)f(able)h(to)0 1596 y(include)21 b(e)o(xplanatory)e (information)g(intermix)o(ed)h(with)i(hyper)n(-)0 1695 y(te)o(xt)j(links)g(to)h(source)e(distrib)n(ution)g(\002les.)41 b(There)24 b(are)h(a)h(num-)0 1795 y(ber)e(of)g(disadv)n(antages)e(to)j (this)g(type)f(of)g(distrib)n(ution)f(mecha-)0 1895 y(nism.)39 b(First,)26 b(it)g(forces)e(de)n(v)o(elopers)f(to)i(break)f(their)g (distrib)n(u-)0 1994 y(tion)e(up)g(into)g(periodic)e(releases.)31 b(If)22 b(there)g(is)h(a)g(lar)o(ge)e(amount)0 2094 y(of)j(time)h (between)f(releases)h(then)f(there)h(is)g(a)g(lar)o(ge)f(delay)g(be-)0 2194 y(tween)29 b(when)f(changes)g(are)h(made)f(and)h(when)f(the)o(y)g (get)h(dis-)0 2293 y(trib)n(uted)24 b(to)h(de)n(v)o(elopers)e(on)i(the) g(Internet.)38 b(If)24 b(the)h(amount)f(of)0 2393 y(time)e(between)e (releases)i(is)g(short,)g(then)f(the)g(FTP)h(or)f(web)h(site)0 2492 y(becomes)29 b(cro)n(wded)e(with)j(numerous)d(release)j(archi)n(v) o(e)e(\002les,)0 2592 y(patch)34 b(\002les,)40 b(or)34 b(both.)69 b(If)35 b(the)g(distrib)n(ution)f(is)i(lar)o(ge,)h(then)0 2692 y(do)n(wnloading)30 b(ne)n(w)j(releases)h(becomes)e(painful)g(for) h(de)n(v)o(el-)0 2791 y(opers)24 b(who)h(are)g(attached)f(to)h(the)g (Internet)f(via)h(slo)n(w)g(modem)0 2891 y(links)d(because)f(in)h (order)f(to)h(stay)g(current)f(ne)n(w)g(releases)i(must)0 2991 y(be)i(constantly)g(do)n(wnloaded.)38 b(If)25 b(patch)g(\002les)h (are)g(used,)g(then)0 3090 y(de)n(v)o(elopers)16 b(ha)n(v)o(e)h(the)g (added)g(o)o(v)o(erhead)e(of)i(do)n(wnloading)e(and)0 3190 y(applying)23 b(the)h(patches.)37 b(Finally)-5 b(,)25 b(old)f(releases)h(are)f(often)g(re-)0 3289 y(mo)o(v)o(ed)c(from)h(the) g(FTP)i(or)e(web)h(serv)o(er)f(in)h(order)e(to)i(conserv)o(e)0 3389 y(disk)j(space.)39 b(This)26 b(mak)o(es)f(it)g(dif)n(\002cult)g (to)g(retrie)n(v)o(e)f(and)g(com-)0 3489 y(pare)32 b(old)h(v)o(ersions) f(of)h(a)g(distrib)n(ution)f(with)h(ne)n(w)g(v)o(ersions.)0 3588 y(The)21 b(Linux)f(k)o(ernel)h(and)f(GNU)i(programs)d(ha)n(v)o(e)i (traditionally)0 3688 y(been)f(distrib)n(uted)f(through)f(these)i (mechanisms.)83 3806 y(Another)h(w)o(ay)i(to)f(distrib)n(ute)h(code)e (is)j(through)c(a)j(Softw)o(are)0 3906 y(Upgrade)d(Protocol)h(\(SUP\))h (serv)o(er)f([10)o(].)30 b(SUP)22 b(serv)o(ers)f(oper)n(-)0 4005 y(ate)i(by)e(tracking)g(the)h(modi\002cation)f(times)h(of)g(a)h (collection)e(of)0 4105 y(source)28 b(\002les.)50 b(SUP)29 b(clients)g(track)f(the)g(time)h(the)o(y)e(were)i(last)0 4204 y(run)c(successfully)-5 b(.)41 b(When)25 b(a)i(SUP)f(client)g(is)h (run)e(it)i(connects)0 4304 y(to)21 b(a)g(serv)o(er)e(and)h(asks)h(for) f(\002les)i(that)e(ha)n(v)o(e)g(changed)f(since)i(the)0 4404 y(last)c(successful)e(run.)23 b(The)15 b(SUP)i(serv)o(er)e(checks) g(its)i(timestamp)0 4503 y(database)25 b(and)h(deli)n(v)o(ers)f(only)g (those)h(\002les.)44 b(The)26 b(SUP)g(serv)o(er)0 4603 y(can)g(run)g(the)g(\002les)h(through)d(a)j(compression)d(program)g(to) j(re-)0 4703 y(duce)16 b(the)g(bandwidth)f(required)g(to)h(update)g(a)g (source)g(tree.)24 b(The)0 4802 y(adv)n(antage)16 b(of)h(SUP)h(is)h (that)f(only)e(the)i(\002les)h(that)e(ha)n(v)o(e)g(changed)0 4902 y(are)24 b(do)n(wnloaded.)34 b(The)24 b(disadv)n(antage)e(of)i (SUP)h(is)g(that)g(local)0 5001 y(changes)20 b(to)i(source)e(\002les)i (are)g(not)f(preserv)o(ed)e(and)i(entire)g(\002les)0 5101 y(must)f(be)f(do)n(wnloaded)e(when)i(the)o(y)g(are)g(changed.)k (Also,)d(SUP)0 5201 y(does)i(not)g(supply)f(an)o(y)g(re)n(vision)h (information)d(or)j(allo)n(w)g(older)0 5300 y(v)o(ersions)17 b(of)g(\002les)i(to)f(be)f(accessed.)24 b(Both)18 b(CMU)h(and)e(the)h (BSD)0 5400 y(open)28 b(source)f(operating)g(systems)i(projects)f(ha)n (v)o(e)g(made)g(e)o(x-)2010 83 y(tensi)n(v)o(e)20 b(use)g(of)g(SUP)h (to)f(distrib)n(ute)g(source)g(\002les.)2093 192 y(The)34 b(Rsync)h(distrib)n(ution)e(program)g(performs)f(a)j(similar)2010 291 y(function)29 b(to)j(SUP)-9 b(,)31 b(b)n(ut)g(in)g(a)h(more)e(ef)n (\002cient)g(w)o(ay)h([13)o(].)58 b(In)2010 391 y(SUP)26 b(when)f(a)i(\002le)f(is)g(updated)f(the)g(entire)g(\002le)i(is)f (transfered,)2010 491 y(ho)n(we)n(v)o(er)16 b(in)i(Rsync)f(only)g(the)h (changes)e(are)i(sent.)24 b(Rather)18 b(than)2010 590 y(using)h(a)g(timestamp)g(database,)f(Rsync)h(simply)g(compares)f(the) 2010 690 y(timestamps)28 b(and)g(sizes)h(of)f(the)g(source)g(and)f(tar) o(get)h(v)o(ersions)2010 790 y(of)h(a)h(\002le.)52 b(If)29 b(there)g(is)h(a)g(match)e(then)h(the)g(\002le)h(is)g(not)f(trans-)2010 889 y(fered.)24 b(On)c(the)g(other)f(hand,)f(if)i(the)g(\002le)h(does)e (not)h(match,)f(then)2010 989 y(Rsync)26 b(performs)e(a)j(rolling)e (checksum)f(o)o(v)o(er)h(the)h(\002le)h(to)f(de-)2010 1088 y(termine)20 b(where)f(changes)h(ha)n(v)o(e)g(been)f(made.)25 b(Rsync)c(uses)g(the)2010 1188 y(results)k(of)f(this)i(checksum)d(to)i (generate)e(the)i(dif)n(ferences)e(be-)2010 1288 y(tween)e(the)h (source)f(and)f(tar)o(get)h(v)o(ersions)g(of)g(the)g(\002le.)30 b(The)21 b(ad-)2010 1387 y(v)n(antage)j(of)i(this)g(approach)e(is)i (that)g(it)g(has)g(lo)n(wer)f(bandwidth)2010 1487 y(requirements)g (because)h(only)h(the)g(changes)f(are)h(transferred,)2010 1587 y(and)22 b(the)h(rolling)f(checksum)f(algorithm)g(eliminates)i (the)f(need)2010 1686 y(to)k(ha)n(v)o(e)f(both)g(v)o(ersions)g(of)g(a)i (\002le)f(on)f(the)h(serv)o(er)f(in)h(order)e(to)2010 1786 y(generate)g(a)h(dif)n(f.)39 b(Ho)n(we)n(v)o(er)m(,)24 b(Rsync)h(still)h(has)f(the)g(limitation)2010 1885 y(that)32 b(it)g(does)f(not)g(preserv)o(e)f(local)i(modi\002cations)e(to)h (source)2010 1985 y(\002les,)24 b(and)e(it)h(does)g(not)f(pro)o(vide)e (access)k(to)e(older)g(v)o(ersions)g(of)2010 2085 y(source)28 b(\002les)h(or)f(access)h(to)f(the)h(types)f(of)g(meta)g(information) 2010 2184 y(stored)20 b(in)g(a)h(CVS)g(repository)-5 b(.)2093 2293 y(CTM)20 b(\(\223Current)d(Through)g(e-Mail\224\))h(is)i (another)e(softw)o(are)2010 2393 y(distrib)n(ution)27 b(mechanism)g(that)i(transfers)f(only)f(the)i(changes)2010 2492 y(made)c(to)h(a)g(collection)f(of)g(\002les)i(rather)d(than)i (entire)f(\002les)h([4].)2010 2592 y(CTM)g(w)o(as)g(designed)f(to)g (use)h(the)f(electronic)g(mail)h(as)g(a)g(data)2010 2692 y(transport)h(mechanism.)47 b(CTM)29 b(operates)e(by)h(comparing)e(an) 2010 2791 y(old)g(and)h(ne)n(w)f(source)g(tree)h(and)f(generating)f (the)h(dif)n(ferences)2010 2891 y(between)19 b(them.)25 b(The)20 b(dif)n(fs)f(are)i(brok)o(en)d(up)i(into)g(e-mail)f(sized)2010 2990 y(chunks)j(and)h(mailed)h(to)f(a)i(mailing)d(list.)37 b(CTM)24 b(users)g(collect)2010 3090 y(the)30 b(dif)n(fs)f(from)g(the)h (mailing)f(list)i(and)e(apply)g(them)g(to)h(their)2010 3190 y(local)21 b(source)f(tree)g(by)h(using)f(the)h(CTM)g(client)g (program.)j(The)2010 3289 y(main)31 b(adv)n(antage)e(of)i(CTM)g(is)i (that)e(it)h(does)f(not)f(require)g(IP)2010 3389 y(connecti)n(vity)15 b(in)i(order)f(to)h(use,)h(b)n(ut)f(compared)e(to)i(CVS-based)2010 3489 y(mechanisms)i(it)i(is)g(still)h(limited.)2010 3786 y Fi(3)99 b(Anonymous)23 b(CVS)f(Design)g(and)h(Implemen-)2159 3902 y(tation)2010 4105 y Fh(CVS)g(can)f(be)g(used)g(to)h(manage)e(the) h(source)g(\002les)h(of)f(a)g(source)2010 4204 y(tree.)88 b(The)41 b(source)g(\002les)h(are)f(stored)g(as)h(a)g(collection)e(of) 2010 4304 y(RCS)e(control)c(\002les)k(called)e(the)g(CVS)h(repository) -5 b(.)70 b(De)n(v)o(el-)2010 4404 y(opers)33 b(check)f(out)h(w)o (orking,)i(fully)d(writable)h(v)o(ersions)f(of)h(a)2010 4503 y(source)27 b(tree,)i(mak)o(e)e(modi\002cations)f(to)i(the)f (\002les,)j(and)d(check)2010 4603 y(the)37 b(changes)f(back)h(into)g (the)g(repository)-5 b(.)74 b(CVS)38 b(can)f(also)2010 4703 y(mer)o(ge)22 b(in)h(changes)g(committed)f(by)h(other)f(users)i (into)f(a)h(local)2010 4802 y(repository)-5 b(,)17 b(display)h(commit)g (log)g(messages,)h(check)f(out)h(spe-)2010 4902 y(ci\002c)d(branches)f (or)g(dated)h(v)o(ersions)e(of)i(a)g(source)f(tree,)i(annotate)2010 5001 y(each)k(line)g(of)g(a)h(source)e(\002le)i(with)f(the)g(re)n (vision)f(and)h(author)f(of)2010 5101 y(that)g(line,)f(and)g(update)g (a)h(source)f(tree)h(by)f(transmitting)f(only)h(a)2010 5201 y(compressed)g(v)o(ersion)g(of)h(the)g(changes)f(made)h(to)g(a)h (\002le.)k(Thus,)2010 5300 y(CVS)32 b(pro)o(vides)d(a)j(more)e(po)n (werful)g(and)g(useful)h(abstraction)2010 5400 y(for)20 b(open)f(source)g(de)n(v)o(elopers)f(than)i(an)o(y)g(of)f(the)i(softw)o (are)e(dis-)p eop %%Page: 4 4 4 3 bop 0 83 a Fh(trib)n(ution)22 b(mechanisms)g(described)g(in)h(the)g (pre)n(vious)e(section.)0 183 y(Ho)n(we)n(v)o(er)m(,)f(prior)g(to)i (the)f(introduction)e(of)i(Anon)o(ymous)e(CVS,)0 282 y(CVS)i(had)e(a)g(major)g(limitation)g(for)g(open)g(source)f(projects:) 25 b(an)0 382 y(account)d(with)h(write)h(access)g(to)f(the)h(CVS)g (source)e(repository)0 482 y(w)o(as)28 b(required)c(in)j(order)f(to)h (use)f(CVS.)i(One)f(of)f(our)g(goals)g(in)0 581 y(creating)i(Anon)o (ymous)f(CVS)j(w)o(as)g(to)f(allo)n(w)h(greater)e(access)0 681 y(to)c(the)f(OpenBSD)g(project')-5 b(s)23 b(CVS)i(source)e (repository)e(in)j(or)n(-)0 780 y(der)c(to)g(ha)n(v)o(e)f(a)i(more)e (open)g(project)g(and)h(to)g(encourage)e(de)n(v)o(el-)0 880 y(oper)f(interest.)24 b(W)-7 b(e)19 b(w)o(anted)e(to)h(allo)n(w)g (an)o(yone)e(on)h(the)h(Internet)0 980 y(to)i(safely)f(ha)n(v)o(e)g (anon)o(ymous)862 950 y Fe(1)912 980 y Fh(read-only)f(access)i(to)g (our)f(CVS)0 1079 y(repository)f(\227)j(a)g(practice)e(that)i(w)o(as)g (unheard)d(of)i(at)g(the)h(time.)0 1315 y Fi(3.1)99 b(Anonymous)25 b(CVS)h(Goals)0 1471 y Fh(As)38 b(we)f(were)f(designing)g(OpenBSD')-5 b(s)37 b(Anon)o(ymous)d(CVS)0 1571 y(service,)20 b(we)g(had)g(the)g (follo)n(wing)f(three)g(goals)h(in)h(mind:)0 1730 y Fd(Security:)40 b Fh(While)25 b(we)f(w)o(anted)g(to)g(allo)n(w)g(the)g(w)o(orld)g(to)g (ha)n(v)o(e)166 1830 y(read)19 b(access)i(to)f(our)f(CVS)i(repository) -5 b(,)18 b(we)i(did)g(not)f(wish)166 1929 y(to)f(allo)n(w)f(anon)o (ymous)d Fg(write)19 b Fh(access)f(to)g(it.)24 b(Thus)17 b(we)h(had)166 2029 y(to)j(ensure)e(that)i(our)f(Anon)o(ymous)d(CVS)22 b(system)f(did)f(not)166 2129 y(compromise)e(the)i(security)g(of)g(our) f(source)h(repository)-5 b(.)0 2291 y Fd(Ef\002ciency:)41 b Fh(CVS)21 b(serv)o(er)e(operations)g(are)h(kno)n(wn)f(for)h(being)166 2391 y(resource)d(intensi)n(v)o(e.)23 b(While)c(we)g(were)f(eager)f(to) i(pro)o(vide)166 2490 y(anon)o(ymous)34 b(access)j(to)g(our)e (repository)-5 b(,)39 b(we)e(did)f(not)166 2590 y(w)o(ant)25 b(to)f(do)g(so)h(at)g(the)f(e)o(xpense)g(of)g(bogging)e(do)n(wn)h(our) 166 2690 y(CVS)g(machine.)29 b(Thus)22 b(we)g(had)g(to)g(ensure)f(that) i(Anon)o(y-)166 2789 y(mous)k(CVS)i(did)f(not)g(place)f(an)h(undue)f(b) n(urdon)f(on)h(our)166 2889 y(CVS)21 b(system.)0 3052 y Fd(Con)m(v)o(enience:)40 b Fh(If)31 b(an)g(Anon)o(ymous)d(CVS)k (service)e(is)i(dif)n(\002-)166 3151 y(cult)23 b(to)h(access)f(then)g (no)g(one)f(will)i(use)f(it.)35 b(Thus)22 b(we)i(de-)166 3251 y(signed)h(our)g(Anon)o(ymous)e(CVS)k(system)f(to)f(be)h(as)g (easy)166 3350 y(and)17 b(con)m(v)o(enient)e(to)j(use)g(as)g(possible.) 24 b(F)o(or)17 b(systems)h(with)166 3450 y(CVS)26 b(installed,)g (accessing)e(our)g(CVS)i(repository)d(is)j(as)166 3550 y(easy)34 b(as)g(setting)f(an)g(en)m(vironment)e(v)n(ariable)h(and)h (run-)166 3649 y(ning)i(CVS.)i(No)e(usernames,)k(passw)o(ords,)g(or)c (special)166 3749 y(programs)14 b(\(other)h(than)g(CVS)i(itself\))f (are)f(required)f(to)i(use)166 3849 y(Anon)o(ymous)h(CVS.)0 4085 y Fi(3.2)99 b(Anonymous)25 b(CVS)h(Design)0 4240 y Fh(Based)k(on)e(our)h(three)g(goals)g(we)g(decided)f(that)h(Anon)o (ymous)0 4340 y(CVS)35 b(service)f(should)e(be)i(of)n(fered)e(from)h(a) i(machine)d(other)0 4440 y(than)g(our)g(main)h(CVS)g(serv)o(er)f (system.)63 b(This)33 b(pro)o(vides)e(se-)0 4539 y(curity)36 b(by)h(k)o(eeping)f(all)i(anon)o(ymous)c(connections)h(of)n(f)i(the)0 4639 y(main)42 b(CVS)h(serv)o(er)-5 b(.)90 b(The)41 b(main)h(serv)o(er) f(need)g(only)g(dis-)0 4739 y(trib)n(ute)34 b(a)g(cop)o(y)g(of)g(its)h (CVS-controlled)d(RCS)k(\002les)f(to)g(the)0 4838 y(anon)o(ymous)26 b(system)j(using)f(a)h(standard)f(technique)f(such)i(as)0 4938 y(SUP)-9 b(.)37 b(It)g(does)g(not)f(ha)n(v)o(e)h(to)g(trust)g(the) f(anon)o(ymous)e(serv)o(er)p 0 5006 744 4 v 90 5061 a Fc(1)120 5085 y Fb(By)15 b(\223anon)o(ymous\224)j(we)d(mean)h(that)h (resources)g(can)g(be)f(accessed)h(without)0 5163 y(authenticating)i (the)14 b(user)g(\(as)g(in)g(anon)o(ymous)h(FTP\).)d(Achie)n(ving)17 b(truly)e(anon)o(y-)0 5242 y(mous)j(access)i(is)f(a)g(more)g(dif)n (\002cult)i(problem)f(that)g(w)o(as)f(be)o(yond)h(the)g(scope)g(of)0 5321 y(our)h(needs.)34 b(A)20 b(more)i(anon)o(ymous)g(access)g (mechanism)g(could)g(be)g(achie)n(v)o(ed)0 5400 y(by)17 b(borro)n(wing)i(ideas)f(from)e(a)i(system)f(such)g(as)g(Cro)n(wds)h ([8].)2010 83 y Fh(system)33 b(be)o(yond)e(that.)65 b(This)33 b(also)h(pro)o(vides)d(ef)n(\002cienc)o(y)h(by)2010 183 y(k)o(eeping)e(Anon)o(ymous)e(CVS)k(serv)o(er)e(and)h(netw)o(orking)e (load)2010 282 y(of)n(f)39 b(the)g(main)g(serv)o(er)f(machine.)81 b(This)40 b(is)g(important)e(be-)2010 382 y(cause)29 b(our)f(main)h(CVS)h(serv)o(er)e(\()p Ff(cvs.openbsd.org)p Fh(\))f(is)2010 482 y(connected)38 b(to)j(the)f(Internet)f(by)g(a)i(lo) n(w-bandwidth)c(ISDN)2010 581 y(link.)99 b(Figure)45 b(1)g(sho)n(ws)g(the)g(relationship)f(between)h(the)2010 681 y(main)22 b(OpenBSD)h(CVS)h(serv)o(er)e(and)h(the)f(primary)g (OpenBSD)2010 780 y(Anon)o(ymous)e(CVS)k(serv)o(er)d(\()p Ff(anoncvs.openbsd.org)p Fh(\).)2010 880 y(T)-7 b(o)45 b(access)g(the)f(Anon)o(ymous)e(CVS)j(service,)50 b(users)44 b(sim-)2010 980 y(ply)68 b(set)i(their)e Ff(CVSROOT)g Fh(en)m(vironment)d(v)n(ariable)i(to)2010 1079 y Ff (anoncvs@anoncvs.openbsd.org)36 b Fh(and)k(run)g(CVS)2010 1179 y(commands)22 b(normally)-5 b(.)34 b(The)24 b(Anon)o(ymous)d(CVS)k (serv)o(er)e(will)2010 1279 y(reject)j(an)o(y)g(attempt)g(to)h(modify)e (its)j(local)e(cop)o(y)g(of)g(the)h(CVS)2010 1378 y(repository)-5 b(.)2093 1490 y(W)e(e)25 b(also)g(secured)f(the)g(en)m(vironment)d(on)j (the)g(Anon)o(ymous)2010 1590 y(CVS)18 b(serv)o(er)e(in)h(order)f(to)h (pre)n(v)o(ent)e(malicious)h(tampering)f(with)2010 1689 y(CVS)24 b(service.)31 b(Anon)o(ymous)20 b(CVS)j(is)h(accessed)e (through)f(the)2010 1789 y(special)g(account)f(\223)p Ff(anoncvs)p Fh(.)-6 b(\224)27 b(While)22 b(this)g(account)e(has)h(no) 2010 1889 y(passw)o(ord)30 b(\(thus)f(allo)n(wing)h(an)o(yone)e(to)i (log)g(into)g(it\),)j(it)e(also)2010 1988 y(has)23 b(a)g(special)g (anoncvs)e(shell)i(that)g(restricts)g(what)f(it)i(can)e(run)2010 2088 y(to)31 b(a)h(single)f(command:)45 b(\223)p Ff(cvs)k(server)p Fh(.)-6 b(\224)57 b(An)o(y)30 b(attempt)2010 2187 y(to)c(run)e(a)i (command)e(other)h(than)g(the)g(CVS)i(serv)o(er)e(results)g(in)2010 2287 y(the)34 b(anoncvs)e(shell)i(printing)f(an)g(error)g(message)h (and)f(e)o(xit-)2010 2387 y(ing.)50 b(When)28 b(the)h(anoncvs)e(shell)i (recei)n(v)o(es)f(a)h(request)f(to)g(run)2010 2486 y(the)h(CVS)i(serv)o (er)d(it)i(uses)g(the)f Ff(chroot)g Fh(system)h(call)f(to)h(re-)2010 2586 y(strict)e(access)g(to)f(the)g(serv)o(er)f(to)i(a)f(sandbox)o(ed)e (en)m(vironment.)2010 2686 y(In)i(order)e(to)i(use)g Ff(chroot)g Fh(the)g(anoncvs)e(shell)i(must)g(be)g(se-)2010 2785 y(tuid)f(\223root.)-6 b(\224)41 b(While)27 b(this)f(is)h(not)f (optimal,)h(we)f(note)f(that)i(the)2010 2885 y(anoncvs)17 b(shell)i(is)h(a)f(small)g(program)d(that)j(immediately)f(drops)2010 2984 y(pri)n(vile)o(ges)24 b(as)i(soon)e(as)i(it)g(uses)g Ff(chroot)p Fh(.)40 b(W)-7 b(e)26 b(feel)f(that)h(the)2010 3084 y(gains)15 b(of)g(using)g(a)h(restricted)f(root)g(en)m(vironment)d (are)k(w)o(orth)f(the)2010 3184 y(risks)22 b(of)g(ha)n(ving)f(a)i (small)f(setuid)g(program.)29 b(A)23 b(partial)e(listing)2010 3283 y(of)f(the)g(anoncvs)f(shell)i(is)g(sho)n(wn)e(in)h(Figure)g(2.) 2093 3395 y(The)f(only)f(\002les)i(that)g(reside)f(in)g(the)g Ff(chroot)g Fh(en)m(vironment)2010 3495 y(are)d(the)g(commands)e (necessary)h(to)h(run)f(CVS)i(\(the)e Ff(cvs)h Fh(binary)2010 3594 y(and)26 b(helper)g(RCS)i(commands\))d(and)h(the)h(read-only)e (cop)o(y)h(of)2010 3694 y(the)17 b(CVS)h(repository)e(from)g(the)h (main)g(CVS)h(serv)o(er)-5 b(.)23 b(Note)17 b(that)2010 3794 y(CVS)33 b(v)o(ersion)e(1.10)f(and)i(later)g(v)o(ersions)f(access) h(RCS)i(\002les)2010 3893 y(directly)27 b(and)g(thus)h(the)g(RCS)h (helper)e(commands)f(no)i(longer)2010 3993 y(need)f(to)i(be)f(in)g(the) g(sandbox)f(area.)48 b(The)28 b(cop)o(y)f(of)h(the)h(CVS)2010 4093 y(repository)21 b(in)i(the)g(sandbox)e(is)j(o)n(wned)e(by)g(a)h (user)g(other)f(than)2010 4192 y(the)34 b(anoncvs)f(user)h(to)g(pre)n (v)o(ent)e(an)o(y)i(chance)f(of)h(an)g(anon)o(y-)2010 4292 y(mous)h(user)g(writing)g(to)g(it.)71 b(The)35 b(only)f(writable)h (directory)2010 4391 y(in)26 b(the)g(sandbox)e(en)m(vironment)f(is)k Ff(/tmp)e Fh(which)h(is)g(required)2010 4491 y(for)k(CVS)h(to)g (operate)e(properly)-5 b(.)53 b(Also)31 b(note)f(that)h(there)f(are) 2010 4591 y(no)e(setuid)f(\002les)i(in)f(the)g(sandbox.)47 b(Thus,)29 b(if)g(an)e(anon)o(ymous)2010 4690 y(user)g(w)o(as)h(to)f (break)f(out)h(of)g(the)g(CVS)h(serv)o(er)e(\(e.g.,)i(through)2010 4790 y(a)i(b)n(uf)n(fer)e(o)o(v)o(er\003o)n(w\))g(it)i(w)o(ould)f(be)g (v)o(ery)g(dif)n(\002cult)g(to)g(do)g(an)o(y)2010 4890 y(damage)22 b(other)g(than)g(interfere)g(with)h(other)f(CVS)i(serv)o (er)e(pro-)2010 4989 y(cesses)30 b(running)c(under)h(the)i(anoncvs)e (account.)48 b(The)29 b(possi-)2010 5089 y(bility)21 b(of)g(such)g(interference)e(could)h(be)h(a)n(v)n(oided)f(by)h(allo)n (wing)2010 5188 y(the)h(anoncvs)f(shell)i(to)f(randomly)e(distrib)n (ute)i(its)i(UID)e(among)2010 5288 y(a)c(speci\002c)g(range)e(of)i (UIDs)g(reserv)o(ed)e(for)h(anon)o(ymous)d(access.)2093 5400 y(The)24 b(main)g(adv)n(antage)e(of)i(using)f(an)h(anoncvs)f (shell)h(rather)p eop %%Page: 5 5 5 4 bop 429 1812 a @beginspecial 0 @llx 0 @lly 482 @urx 290 @ury 3615 @rwi @setspecial %%BeginDocument: anoncvs.eps /$F2psDict 200 dict def $F2psDict begin $F2psDict /mtrx matrix put /col-1 {0 setgray} bind def /col0 {0.000 0.000 0.000 srgb} bind def /col1 {0.000 0.000 1.000 srgb} bind def /col2 {0.000 1.000 0.000 srgb} bind def /col3 {0.000 1.000 1.000 srgb} bind def /col4 {1.000 0.000 0.000 srgb} bind def /col5 {1.000 0.000 1.000 srgb} bind def /col6 {1.000 1.000 0.000 srgb} bind def /col7 {1.000 1.000 1.000 srgb} bind def /col8 {0.000 0.000 0.560 srgb} bind def /col9 {0.000 0.000 0.690 srgb} bind def /col10 {0.000 0.000 0.820 srgb} bind def /col11 {0.530 0.810 1.000 srgb} bind def /col12 {0.000 0.560 0.000 srgb} bind def /col13 {0.000 0.690 0.000 srgb} bind def /col14 {0.000 0.820 0.000 srgb} bind def /col15 {0.000 0.560 0.560 srgb} bind def /col16 {0.000 0.690 0.690 srgb} bind def /col17 {0.000 0.820 0.820 srgb} bind def /col18 {0.560 0.000 0.000 srgb} bind def /col19 {0.690 0.000 0.000 srgb} bind def /col20 {0.820 0.000 0.000 srgb} bind def /col21 {0.560 0.000 0.560 srgb} bind def /col22 {0.690 0.000 0.690 srgb} bind def /col23 {0.820 0.000 0.820 srgb} bind def /col24 {0.500 0.190 0.000 srgb} bind def /col25 {0.630 0.250 0.000 srgb} bind def /col26 {0.750 0.380 0.000 srgb} bind def /col27 {1.000 0.500 0.500 srgb} bind def /col28 {1.000 0.630 0.630 srgb} bind def /col29 {1.000 0.750 0.750 srgb} bind def /col30 {1.000 0.880 0.880 srgb} bind def /col31 {1.000 0.840 0.000 srgb} bind def /col32 {0.557 0.557 0.557 srgb} bind def /col33 {0.255 0.271 0.255 srgb} bind def /col34 {0.557 0.557 0.557 srgb} bind def /col35 {0.255 0.271 0.255 srgb} bind def /col36 {0.557 0.557 0.557 srgb} bind def /col37 {0.255 0.271 0.255 srgb} bind def /col38 {0.557 0.557 0.557 srgb} bind def /col39 {0.255 0.271 0.255 srgb} bind def /col40 {0.557 0.557 0.557 srgb} bind def /col41 {0.255 0.271 0.255 srgb} bind def /col42 {0.557 0.557 0.557 srgb} bind def /col43 {0.255 0.271 0.255 srgb} bind def /col44 {0.557 0.557 0.557 srgb} bind def /col45 {0.255 0.271 0.255 srgb} bind def /col46 {0.557 0.557 0.557 srgb} bind def /col47 {0.255 0.271 0.255 srgb} bind def /col48 {0.557 0.557 0.557 srgb} bind def /col49 {0.255 0.271 0.255 srgb} bind def /col50 {0.557 0.557 0.557 srgb} bind def /col51 {0.255 0.271 0.255 srgb} bind def /col52 {0.557 0.557 0.557 srgb} bind def /col53 {0.255 0.271 0.255 srgb} bind def /col54 {0.557 0.557 0.557 srgb} bind def /col55 {0.255 0.271 0.255 srgb} bind def /col56 {0.557 0.557 0.557 srgb} bind def /col57 {0.255 0.271 0.255 srgb} bind def /col58 {0.557 0.557 0.557 srgb} bind def /col59 {0.255 0.271 0.255 srgb} bind def /col60 {0.557 0.557 0.557 srgb} bind def /col61 {0.255 0.271 0.255 srgb} bind def /col62 {0.557 0.557 0.557 srgb} bind def /col63 {0.255 0.271 0.255 srgb} bind def /col64 {0.557 0.557 0.557 srgb} bind def /col65 {0.255 0.271 0.255 srgb} bind def /col66 {0.557 0.557 0.557 srgb} bind def /col67 {0.255 0.271 0.255 srgb} bind def /col68 {0.557 0.557 0.557 srgb} bind def /col69 {0.255 0.271 0.255 srgb} bind def /col70 {0.557 0.557 0.557 srgb} bind def /col71 {0.255 0.271 0.255 srgb} bind def /col72 {0.557 0.557 0.557 srgb} bind def /col73 {0.255 0.271 0.255 srgb} bind def /col74 {0.557 0.557 0.557 srgb} bind def /col75 {0.557 0.557 0.557 srgb} bind def /col76 {0.557 0.557 0.557 srgb} bind def /col77 {0.557 0.557 0.557 srgb} bind def /col78 {0.557 0.557 0.557 srgb} bind def /col79 {0.557 0.557 0.557 srgb} bind def /col80 {0.557 0.557 0.557 srgb} bind def /col81 {0.557 0.557 0.557 srgb} bind def /col82 {0.557 0.557 0.557 srgb} bind def /col83 {0.557 0.557 0.557 srgb} bind def /col84 {0.557 0.557 0.557 srgb} bind def end save -70.0 362.0 translate 1 -1 scale /cp {closepath} bind def /ef {eofill} bind def /gr {grestore} bind def /gs {gsave} bind def /sa {save} bind def /rs {restore} bind def /l {lineto} bind def /m {moveto} bind def /rm {rmoveto} bind def /n {newpath} bind def /s {stroke} bind def /sh {show} bind def /slc {setlinecap} bind def /slj {setlinejoin} bind def /slw {setlinewidth} bind def /srgb {setrgbcolor} bind def /rot {rotate} bind def /sc {scale} bind def /sd {setdash} bind def /ff {findfont} bind def /sf {setfont} bind def /scf {scalefont} bind def /sw {stringwidth} bind def /tr {translate} bind def /tnt {dup dup currentrgbcolor 4 -2 roll dup 1 exch sub 3 -1 roll mul add 4 -2 roll dup 1 exch sub 3 -1 roll mul add 4 -2 roll dup 1 exch sub 3 -1 roll mul add srgb} bind def /shd {dup dup currentrgbcolor 4 -2 roll mul 4 -2 roll mul 4 -2 roll mul srgb} bind def /DrawEllipse { /endangle exch def /startangle exch def /yrad exch def /xrad exch def /y exch def /x exch def /savematrix mtrx currentmatrix def x y tr xrad yrad sc 0 0 1 startangle endangle arc closepath savematrix setmatrix } def /$F2psBegin {$F2psDict begin /$F2psEnteredState save def} def /$F2psEnd {$F2psEnteredState restore end} def $F2psBegin 10 setmiterlimit n -1000 7033 m -1000 -1000 l 10184 -1000 l 10184 7033 l cp clip 0.06000 0.06000 sc /Helvetica ff 270.00 scf sf 5175 4050 m gs 1 -1 sc (anonymous cvs) col0 sh gr % Polyline 30.000 slw n 1200 1500 m 3600 1500 l 3600 3000 l 1200 3000 l cp gs col0 s gr /Helvetica ff 270.00 scf sf 2400 1425 m gs 1 -1 sc (cvs.openbsd.org) dup sw pop 2 div neg 0 rm col0 sh gr /Helvetica ff 210.00 scf sf 2400 2925 m gs 1 -1 sc (master repository) dup sw pop 2 div neg 0 rm col0 sh gr % Ellipse n 5100 2925 1200 675 0 360 DrawEllipse gs col0 s gr % Polyline 7.500 slw gs clippath 7226 2098 m 7350 2100 l 7240 2156 l 7371 2126 l 7358 2067 l cp clip n 2850 2175 m 5100 2625 l 7350 2100 l gs col0 s gr gr % arrowhead n 7226 2098 m 7350 2100 l 7240 2156 l 7233 2127 l 7226 2098 l cp gs 0.00 setgray ef gr col0 s % Polyline [15 45] 45 sd n 7350 1650 m 8325 1650 l 8325 2625 l 7350 2625 l cp gs col0 s gr [] 0 sd % Polyline 30.000 slw n 6600 1500 m 9000 1500 l 9000 3000 l 6600 3000 l cp gs col0 s gr % Polyline 7.500 slw gs clippath 5130 4530 m 5100 4650 l 5070 4530 l 5070 4665 l 5130 4665 l cp clip n 5100 4650 m 5100 3375 l 7350 2475 l gs col0 s gr gr % arrowhead n 5130 4530 m 5100 4650 l 5070 4530 l 5100 4530 l 5130 4530 l cp gs 0.00 setgray ef gr col0 s % Polyline 30.000 slw n 3900 4350 m 6300 4350 l 6300 6000 l 3900 6000 l cp gs col0 s gr /Helvetica ff 270.00 scf sf 5100 3000 m gs 1 -1 sc (internet) dup sw pop 2 div neg 0 rm col0 sh gr /Helvetica ff 270.00 scf sf 3900 2250 m gs 1 -1 sc (sup) dup sw pop 2 div neg 0 rm col0 sh gr /Helvetica ff 270.00 scf sf 6300 2250 m gs 1 -1 sc (sup) dup sw pop 2 div neg 0 rm col0 sh gr /Helvetica ff 270.00 scf sf 7800 1425 m gs 1 -1 sc (anoncvs.openbsd.org) dup sw pop 2 div neg 0 rm col0 sh gr /Helvetica ff 210.00 scf sf 7800 2925 m gs 1 -1 sc (sandboxed mirror) dup sw pop 2 div neg 0 rm col0 sh gr /Helvetica ff 210.00 scf sf 5100 5925 m gs 1 -1 sc (anoncvs client) dup sw pop 2 div neg 0 rm col0 sh gr % Arc 7.500 slw gs n 5124.5 4547.5 437.5 126.5 53.5 arcn gs col-1 s gr gr /Helvetica ff 210.00 scf sf 5125 5289 m gs 1 -1 sc (src) dup sw pop 2 div neg 0 rm col-1 sh gr % Ellipse n 5125 4812 260 86 0 360 DrawEllipse gs col-1 s gr % Arc gs n 7824.5 2072.5 433.5 126.9 53.1 arcn gs col-1 s gr gr % Ellipse n 7825 1812 260 86 0 360 DrawEllipse gs col-1 s gr % Polyline n 8085 1856 m 8085 2419 l gs col-1 s gr % Polyline n 7564 1856 m 7564 2419 l gs col-1 s gr /Helvetica ff 210.00 scf sf 7825 2289 m gs 1 -1 sc (/cvs) dup sw pop 2 div neg 0 rm col-1 sh gr % Arc gs n 2424.5 1547.5 437.5 126.5 53.5 arcn gs col-1 s gr gr % Arc gs n 2424.5 2072.5 433.5 126.9 53.1 arcn gs col-1 s gr gr % Ellipse n 2425 1812 260 86 0 360 DrawEllipse gs col-1 s gr % Polyline n 2685 1856 m 2685 2419 l gs col-1 s gr % Polyline n 2164 1856 m 2164 2419 l gs col-1 s gr /Helvetica ff 210.00 scf sf 2425 2289 m gs 1 -1 sc (/cvs) dup sw pop 2 div neg 0 rm col-1 sh gr % Arc gs n 7824.5 1547.5 437.5 126.5 53.5 arcn gs col-1 s gr gr % Polyline n 5385 4856 m 5385 5419 l gs col-1 s gr % Polyline n 4864 4856 m 4864 5419 l gs col-1 s gr % Arc gs n 5124.5 5072.5 433.5 126.9 53.1 arcn gs col-1 s gr gr $F2psEnd rs %%EndDocument @endspecial 0 1995 a Fh(Figure)28 b(1:)42 b(OpenBSD')-5 b(s)29 b(Anon)o(ymous)d(CVS)k(service.)50 b(The)28 b(CVS)i(repository)d (is)j(mirrored)c(within)j(the)g(sandbox)e(using)h(SUP)0 2095 y(\(Rsync)20 b(could)f(also)i(be)f(used\).)0 2445 y(than)34 b(a)h(specialized)f(serv)o(er)g(program)e(is)k(that)e(it)h (inte)o(grates)0 2544 y(nicely)26 b(with)h(CVS')-5 b(s)29 b(serv)o(er)d(system)h(and)f(can)h(be)g(used)f(with)0 2644 y(standard)35 b(login)h(programs)e(such)i(as)h(rsh)g(and)f(ssh.)74 b(Man)o(y)0 2744 y(Anon)o(ymous)34 b(CVS)j(serv)o(ers)f(disallo)n(w)h (rsh)f(access)h(and)f(al-)0 2843 y(lo)n(w)25 b(only)f(ssh)h(access)h (for)e(added)f(security)-5 b(.)38 b(F)o(or)24 b(ssh,)j(a)e(non-)0 2943 y(standard)16 b(serv)o(er)g(port)g(such)g(as)i(2022)d(can)i(be)f (used)h(in)g(addition)0 3043 y(to)g(the)h(standard)e(port)g(to)i(mak)o (e)f(Anon)o(ymous)d(CVS)k(more)f(\002re-)0 3142 y(w)o(all)26 b(friendly)-5 b(.)39 b(This)26 b(allo)n(ws)g(users)g(to)g(w)o(ork)f (around)e(poorly)0 3242 y(thought-out)17 b(\002re)n(w)o(alls)k(that)f (are)g(con\002gured)e(to)i(block)g(all)g(un-)0 3341 y(kno)n(wn)f(traf)n (\002c)h(in)g(the)g(reserv)o(ed)f(TCP)i(port)e(range.)83 3447 y(Note)25 b(that)h(an)f(Anon)o(ymous)d(CVS)27 b(serv)o(er)d(is)i (more)f(secure)0 3547 y(than)35 b(most)g(Anon)o(ymous)e(FTP)j(serv)o (ers.)70 b(This)36 b(is)g(because)0 3646 y(standard)20 b(FTP)i(serv)o(ers)f(ne)n(v)o(er)f(re)n(v)n(ok)o(e)h(their)g(root)g (access.)29 b(In-)0 3746 y(stead,)21 b(the)o(y)f(just)h(sw)o(ap)g(UIDs) g(when)f(accessing)g(\002les.)28 b(On)21 b(the)0 3845 y(other)i(hand,)h(the)h(anoncvs)d(shell)j(permanently)d(re)n(v)n(ok)o (es)h(root)0 3945 y(access)e(before)e(running)f(the)i(CVS)h(serv)o(er) -5 b(.)0 4215 y Fi(3.3)99 b(Anonymous)46 b(CVS)f(Implementation)h(Is-) 224 4331 y(sues)0 4498 y Fh(As)25 b(we)f(implemented)f(Anon)o(ymous)e (CVS,)k(we)f(encountered)0 4597 y(three)29 b(issues)h(relating)f(to)g (CVS)h(that)g(caused)f(us)g(some)g(con-)0 4697 y(cern.)24 b(First,)19 b(we)g(disco)o(v)o(ered)e(that)i(CVS)g(did)g(not)f(run)g (properly)0 4796 y(without)e(write)i(access)g(to)f(its)h(log)f(\002le.) 24 b(Since)18 b(CVS)g(itself)g(is)g(an)0 4896 y(open)25 b(source)g(program,)g(we)h(\002x)o(ed)f(this)h(problem)f(by)g(adding)0 4996 y(the)c Ff(CVSREADONLYFS)d Fh(en)m(vironment)g(v)n(ariable)h(to)i (CVS.)h(If)0 5095 y(set,)f(CVS)g(ignores)e(this)i(error)-5 b(.)83 5201 y(Our)24 b(second)f(concern)f(with)i(Anon)o(ymous)d(CVS)k (w)o(as)g(ho)n(w)0 5300 y(it)19 b(interacted)f(with)h(CVS')-5 b(s)20 b(\002le)g(locking)d(protocol.)23 b(CVS)c(con-)0 5400 y(trols)d(access)h(to)f(RCS)h(\002les)g(by)e(creating)g(lock)h (\002les)h(in)f(the)g(CVS)2010 2445 y(repository)i(area.)24 b(Under)19 b(Anon)o(ymous)e(CVS)j(this)g(is)h(not)e(pos-)2010 2544 y(sible)d(since)g(the)g(Anon)o(ymous)d(CVS)k(serv)o(er)e(runs)g (under)f(a)i(UID)2010 2644 y(that)22 b(does)f(not)h(ha)n(v)o(e)f(write) h(access)g(to)g(the)g(repository)-5 b(.)27 b(T)-7 b(o)22 b(ad-)2010 2744 y(dress)32 b(this)h(issue)f(we)g(disabled)f(\002le)i (locking)e(for)g(read-only)2010 2843 y(access.)55 b(Since)30 b(commits)g(are)g(not)g(allo)n(wed)f(in)i(the)f(Anon)o(y-)2010 2943 y(mous)c(CVS)i(serv)o(er')-5 b(s)27 b(cop)o(y)f(of)h(the)g (repository)e(this)j(is)f(not)g(a)2010 3043 y(problem.)i(Ho)n(we)n(v)o (er)m(,)20 b(another)h(possible)g(problem)g(is)h(that)h(the)2010 3142 y(Anon)o(ymous)16 b(CVS)k(serv)o(er)f(may)f(encounter)f(a)j (partially)e(com-)2010 3242 y(plete)27 b(RCS)h(\002le)g(in)f(its)h(cop) o(y)f(of)f(the)h(repository)-5 b(.)44 b(W)-7 b(e)28 b(e)o(xam-)2010 3341 y(ined)18 b(the)h(CVS)h(documentation)c(and)i(source)h(code)f(and) g(deter)n(-)2010 3441 y(mined)26 b(this)i(w)o(as)f(unlik)o(ely)f(for)h (the)g(follo)n(wing)e(tw)o(o)i(reasons.)2010 3541 y(First,)j(CVS)e(on)f (the)h(main)f(serv)o(er)f(updates)h(its)h(RCS)h(\002les)f(in)2010 3640 y(one)e(operation)e(by)i(creating)f(a)i(temporary)d(RCS)j(\002le,) i(modi-)2010 3740 y(fying)c(it,)k(and)d(\002nally)h(renaming)e(it)i(to) g(the)f(RCS)j(\002le.)45 b(Since)2010 3840 y(the)29 b Ff(rename)g Fh(system)h(call)g(is)g(atomic,)h(there)e(is)i(no)e(chance) 2010 3939 y(of)i(the)f(mechanism)g(used)h(to)g(transfer)f(RCS)i (\002les)g(from)e(the)2010 4039 y(main)i(serv)o(er)g(to)g(the)h(anon)o (ymous)c(serv)o(er)j(encountering)e(an)2010 4138 y(incomplete)e(RCS)j (\002le.)52 b(Second,)31 b(we)e(use)h(SUP)g(to)f(transfer)2010 4238 y(our)g(RCS)j(\002les)f(from)e(the)h(main)g(serv)o(er)f(to)h(the)g (anon)o(ymous)2010 4338 y(serv)o(er)-5 b(.)59 b(When)32 b(SUP)g(installs)h(an)e(updated)f(\002le)j(it)f(uses)h(the)2010 4437 y(same)19 b(atomic-rename)e(technique)g(that)i(the)g(CVS)h(serv)o (er)e(uses)2010 4537 y(to)k(install)g(a)h(ne)n(w)e(\002le.)31 b(This)21 b(pre)n(v)o(ents)g(the)h(CVS)g(serv)o(ers)g(run-)2010 4637 y(ning)31 b(on)g(the)h(anon)o(ymous)c(serv)o(er)j(from)g(seeing)g (an)h(incom-)2010 4736 y(plete)24 b(RCS)i(\002le.)37 b(One)24 b(possible)f(problem)g(that)h(could)f(be)h(en-)2010 4836 y(countered)i(is)j(if)g(CVS)g(reads)f(a)g(list)i(of)e(RCS)h (\002les)g(currently)2010 4935 y(in)22 b(the)f(mirrored)f(repository)g (and)h(SUP)i(deletes)e(one)g(of)h(those)2010 5035 y(RCS)27 b(\002les)f(before)e(CVS)i(has)g(a)f(chance)f(to)i(open)e(it.)41 b(In)25 b(real-)2010 5135 y(ity)19 b(the)f(odds)g(of)g(this)h (happening)d(are)i(v)o(ery)f(lo)n(w)h(because)g(RCS)2010 5234 y(\002les)23 b(typically)f(do)f(not)h(get)h(remo)o(v)o(ed)d(from)h (a)h(repository)-5 b(.)29 b(Of)2010 5334 y(course)16 b(when)g(multiple)g(\002les)h(are)f(being)g(updated)f(on)h(the)h(mas-)p eop %%Page: 6 6 6 5 bop 111 4924 a @beginspecial 0 @llx 0 @lly 515 @urx 668 @ury 4377 @rwi @setspecial %%BeginDocument: anoncvssh.eps /$F2psDict 200 dict def $F2psDict begin $F2psDict /mtrx matrix put /col-1 {0 setgray} bind def /col0 {0.000 0.000 0.000 srgb} bind def /col1 {0.000 0.000 1.000 srgb} bind def /col2 {0.000 1.000 0.000 srgb} bind def /col3 {0.000 1.000 1.000 srgb} bind def /col4 {1.000 0.000 0.000 srgb} bind def /col5 {1.000 0.000 1.000 srgb} bind def /col6 {1.000 1.000 0.000 srgb} bind def /col7 {1.000 1.000 1.000 srgb} bind def /col8 {0.000 0.000 0.560 srgb} bind def /col9 {0.000 0.000 0.690 srgb} bind def /col10 {0.000 0.000 0.820 srgb} bind def /col11 {0.530 0.810 1.000 srgb} bind def /col12 {0.000 0.560 0.000 srgb} bind def /col13 {0.000 0.690 0.000 srgb} bind def /col14 {0.000 0.820 0.000 srgb} bind def /col15 {0.000 0.560 0.560 srgb} bind def /col16 {0.000 0.690 0.690 srgb} bind def /col17 {0.000 0.820 0.820 srgb} bind def /col18 {0.560 0.000 0.000 srgb} bind def /col19 {0.690 0.000 0.000 srgb} bind def /col20 {0.820 0.000 0.000 srgb} bind def /col21 {0.560 0.000 0.560 srgb} bind def /col22 {0.690 0.000 0.690 srgb} bind def /col23 {0.820 0.000 0.820 srgb} bind def /col24 {0.500 0.190 0.000 srgb} bind def /col25 {0.630 0.250 0.000 srgb} bind def /col26 {0.750 0.380 0.000 srgb} bind def /col27 {1.000 0.500 0.500 srgb} bind def /col28 {1.000 0.630 0.630 srgb} bind def /col29 {1.000 0.750 0.750 srgb} bind def /col30 {1.000 0.880 0.880 srgb} bind def /col31 {1.000 0.840 0.000 srgb} bind def end save -26.0 721.0 translate 1 -1 scale /cp {closepath} bind def /ef {eofill} bind def /gr {grestore} bind def /gs {gsave} bind def /sa {save} bind def /rs {restore} bind def /l {lineto} bind def /m {moveto} bind def /rm {rmoveto} bind def /n {newpath} bind def /s {stroke} bind def /sh {show} bind def /slc {setlinecap} bind def /slj {setlinejoin} bind def /slw {setlinewidth} bind def /srgb {setrgbcolor} bind def /rot {rotate} bind def /sc {scale} bind def /sd {setdash} bind def /ff {findfont} bind def /sf {setfont} bind def /scf {scalefont} bind def /sw {stringwidth} bind def /tr {translate} bind def /tnt {dup dup currentrgbcolor 4 -2 roll dup 1 exch sub 3 -1 roll mul add 4 -2 roll dup 1 exch sub 3 -1 roll mul add 4 -2 roll dup 1 exch sub 3 -1 roll mul add srgb} bind def /shd {dup dup currentrgbcolor 4 -2 roll mul 4 -2 roll mul 4 -2 roll mul srgb} bind def /reencdict 12 dict def /ReEncode { reencdict begin /newcodesandnames exch def /newfontname exch def /basefontname exch def /basefontdict basefontname findfont def /newfont basefontdict maxlength dict def basefontdict { exch dup /FID ne { dup /Encoding eq { exch dup length array copy newfont 3 1 roll put } { exch newfont 3 1 roll put } ifelse } { pop pop } ifelse } forall newfont /FontName newfontname put newcodesandnames aload pop 128 1 255 { newfont /Encoding get exch /.notdef put } for newcodesandnames length 2 idiv { newfont /Encoding get 3 1 roll put } repeat newfontname newfont definefont pop end } def /isovec [ 8#200 /grave 8#201 /acute 8#202 /circumflex 8#203 /tilde 8#204 /macron 8#205 /breve 8#206 /dotaccent 8#207 /dieresis 8#210 /ring 8#211 /cedilla 8#212 /hungarumlaut 8#213 /ogonek 8#214 /caron 8#220 /dotlessi 8#230 /oe 8#231 /OE 8#240 /space 8#241 /exclamdown 8#242 /cent 8#243 /sterling 8#244 /currency 8#245 /yen 8#246 /brokenbar 8#247 /section 8#250 /dieresis 8#251 /copyright 8#252 /ordfeminine 8#253 /guillemotleft 8#254 /logicalnot 8#255 /endash 8#256 /registered 8#257 /macron 8#260 /degree 8#261 /plusminus 8#262 /twosuperior 8#263 /threesuperior 8#264 /acute 8#265 /mu 8#266 /paragraph 8#267 /periodcentered 8#270 /cedilla 8#271 /onesuperior 8#272 /ordmasculine 8#273 /guillemotright 8#274 /onequarter 8#275 /onehalf 8#276 /threequarters 8#277 /questiondown 8#300 /Agrave 8#301 /Aacute 8#302 /Acircumflex 8#303 /Atilde 8#304 /Adieresis 8#305 /Aring 8#306 /AE 8#307 /Ccedilla 8#310 /Egrave 8#311 /Eacute 8#312 /Ecircumflex 8#313 /Edieresis 8#314 /Igrave 8#315 /Iacute 8#316 /Icircumflex 8#317 /Idieresis 8#320 /Eth 8#321 /Ntilde 8#322 /Ograve 8#323 /Oacute 8#324 /Ocircumflex 8#325 /Otilde 8#326 /Odieresis 8#327 /multiply 8#330 /Oslash 8#331 /Ugrave 8#332 /Uacute 8#333 /Ucircumflex 8#334 /Udieresis 8#335 /Yacute 8#336 /Thorn 8#337 /germandbls 8#340 /agrave 8#341 /aacute 8#342 /acircumflex 8#343 /atilde 8#344 /adieresis 8#345 /aring 8#346 /ae 8#347 /ccedilla 8#350 /egrave 8#351 /eacute 8#352 /ecircumflex 8#353 /edieresis 8#354 /igrave 8#355 /iacute 8#356 /icircumflex 8#357 /idieresis 8#360 /eth 8#361 /ntilde 8#362 /ograve 8#363 /oacute 8#364 /ocircumflex 8#365 /otilde 8#366 /odieresis 8#367 /divide 8#370 /oslash 8#371 /ugrave 8#372 /uacute 8#373 /ucircumflex 8#374 /udieresis 8#375 /yacute 8#376 /thorn 8#377 /ydieresis] def /Courier /Courier-iso isovec ReEncode /$F2psBegin {$F2psDict begin /$F2psEnteredState save def} def /$F2psEnd {$F2psEnteredState restore end} def $F2psBegin 10 setmiterlimit n -1000 13012 m -1000 -1000 l 10012 -1000 l 10012 13012 l cp clip 0.06000 0.06000 sc % Polyline 7.500 slw n 450 900 m 9000 900 l 9000 12000 l 450 12000 l cp gs col0 s gr /Courier-iso ff 180.00 scf sf 600 1410 m gs 1 -1 sc (#define LOCALROOT "/cvs") col0 sh gr /Courier-iso ff 180.00 scf sf 600 1830 m gs 1 -1 sc (/* remote hostname */) col0 sh gr /Courier-iso ff 180.00 scf sf 600 2040 m gs 1 -1 sc (#define HOSTNAME "anoncvs@anoncvs1.usa.openbsd.org") col0 sh gr /Courier-iso ff 180.00 scf sf 600 2460 m gs 1 -1 sc (/* cvs root */) col0 sh gr /Courier-iso ff 180.00 scf sf 600 2670 m gs 1 -1 sc (#define CVSROOT __CONCAT3\(HOSTNAME,":",LOCALROOT\)) col0 sh gr /Courier-iso ff 180.00 scf sf 600 3090 m gs 1 -1 sc (/* default environment */) col0 sh gr /Courier-iso ff 180.00 scf sf 600 3300 m gs 1 -1 sc (char * const env[] = {) col0 sh gr /Courier-iso ff 180.00 scf sf 600 3510 m gs 1 -1 sc ( "PATH=/bin:/usr/bin", "SHELL=/bin/sh",) col0 sh gr /Courier-iso ff 180.00 scf sf 600 3720 m gs 1 -1 sc ( __CONCAT\("CVSROOT=",LOCALROOT\),) col0 sh gr /Courier-iso ff 180.00 scf sf 600 3930 m gs 1 -1 sc ( "HOME=/", "CVSREADONLYFS=1",) col0 sh gr /Courier-iso ff 180.00 scf sf 600 4140 m gs 1 -1 sc ( NULL) col0 sh gr /Courier-iso ff 180.00 scf sf 600 4350 m gs 1 -1 sc (};) col0 sh gr /Courier-iso ff 180.00 scf sf 600 4770 m gs 1 -1 sc (int main\(argc, argv\)) col0 sh gr /Courier-iso ff 180.00 scf sf 600 5190 m gs 1 -1 sc (int argc;) col0 sh gr /Courier-iso ff 180.00 scf sf 600 5400 m gs 1 -1 sc (char *argv[];) col0 sh gr /Courier-iso ff 180.00 scf sf 600 5820 m gs 1 -1 sc ({) col0 sh gr /Courier-iso ff 180.00 scf sf 600 6030 m gs 1 -1 sc ( struct passwd *pw;) col0 sh gr /Courier-iso ff 180.00 scf sf 600 6450 m gs 1 -1 sc ( pw = getpwuid\(getuid\(\)\);) col0 sh gr /Courier-iso ff 180.00 scf sf 600 6660 m gs 1 -1 sc ( if \(pw == NULL || pw->pw_dir == NULL\) ) col0 sh gr /Courier-iso ff 180.00 scf sf 600 6870 m gs 1 -1 sc ( errx\(1, "no user/dir for uid 0", getuid\(\)\);) col0 sh gr /Courier-iso ff 180.00 scf sf 600 7290 m gs 1 -1 sc ( setuid\(0\);) col0 sh gr /Courier-iso ff 180.00 scf sf 600 7500 m gs 1 -1 sc ( if \(chroot\(pw->pw_dir\) == -1\) ) col0 sh gr /Courier-iso ff 180.00 scf sf 600 7710 m gs 1 -1 sc ( errx\(1, "chroot"\);) col0 sh gr /Courier-iso ff 180.00 scf sf 600 7920 m gs 1 -1 sc ( chdir\("/"\);) col0 sh gr /Courier-iso ff 180.00 scf sf 600 8130 m gs 1 -1 sc ( setuid\(pw->pw_uid\);) col0 sh gr /Courier-iso ff 180.00 scf sf 600 8550 m gs 1 -1 sc ( /* program now "safe" in sandbox with root privs dropped */) col0 sh gr /Courier-iso ff 180.00 scf sf 600 8760 m gs 1 -1 sc ( if \(argc != 3 || strcmp\("anoncvssh", argv[0]\) != 0 ||) col0 sh gr /Courier-iso ff 180.00 scf sf 600 8970 m gs 1 -1 sc ( strcmp\("-c", argv[1]\) != 0 || \(strcmp\("cvs server", argv[2]\) != 0 &&) col0 sh gr /Courier-iso ff 180.00 scf sf 600 9180 m gs 1 -1 sc ( strcmp\(__CONCAT3\("cvs -d ",LOCALROOT," server"\), argv[2]\) != 0\)\) {) col0 sh gr /Courier-iso ff 180.00 scf sf 600 9390 m gs 1 -1 sc ( fprintf\(stderr, "\\nTo use anonymous CVS install the latest "\);) col0 sh gr /Courier-iso ff 180.00 scf sf 600 9600 m gs 1 -1 sc ( fprintf\(stderr,"version of CVS on your local machine.\\n"\);) col0 sh gr /Courier-iso ff 180.00 scf sf 600 9810 m gs 1 -1 sc ( fprintf\(stderr,"Then set your CVSROOT environment variable "\);) col0 sh gr /Courier-iso ff 180.00 scf sf 600 10020 m gs 1 -1 sc ( fprintf\(stderr,"to the following value:\\n"\);) col0 sh gr /Courier-iso ff 180.00 scf sf 600 10230 m gs 1 -1 sc ( fprintf\(stderr,"\\t\\n\\n", CVSROOT\);) col0 sh gr /Courier-iso ff 180.00 scf sf 600 10440 m gs 1 -1 sc ( sleep\(10\);) col0 sh gr /Courier-iso ff 180.00 scf sf 600 10650 m gs 1 -1 sc ( exit\(0\);) col0 sh gr /Courier-iso ff 180.00 scf sf 600 10860 m gs 1 -1 sc ( }) col0 sh gr /Courier-iso ff 180.00 scf sf 600 11070 m gs 1 -1 sc ( execle\("/usr/bin/cvs", "cvs", "server", NULL, env\);) col0 sh gr /Courier-iso ff 180.00 scf sf 600 11280 m gs 1 -1 sc ( perror\("execle: cvs"\);) col0 sh gr /Courier-iso ff 180.00 scf sf 600 11490 m gs 1 -1 sc ( fprintf\(stderr, "unable to exec CVS server!\\n"\);) col0 sh gr /Courier-iso ff 180.00 scf sf 600 11700 m gs 1 -1 sc ( exit\(1\);) col0 sh gr /Courier-iso ff 180.00 scf sf 600 11910 m gs 1 -1 sc (}) col0 sh gr /Courier-iso ff 180.00 scf sf 600 1200 m gs 1 -1 sc (/* location of CVS tree relative to anonymous CVS user's home directory */) col0 sh gr $F2psEnd rs %%EndDocument @endspecial 1118 5107 a Fh(Figure)19 b(2:)26 b(P)o(artial)20 b(listing)g(of)g(anoncvs)f(shell)i(program)p eop %%Page: 7 7 7 6 bop 0 83 a Fh(ter)21 b(CVS)g(serv)o(er)f(there)g(is)i(still)g(a)f (chance)e(that)i(an)f(anon)o(ymous)0 183 y(user)29 b(will)h(end)f(up)g (fetching)f(some)h(old)g(\002le)h(and)f(some)g(ne)n(w)0 282 y(\002les)24 b(from)e(the)h(group)e(of)i(\002les)h(being)e (updated.)31 b(Indeed,)22 b(this)0 382 y(is)34 b(e)n(v)o(en)d(a)j (problem)d(for)h(normal)f(CVS)j(users)f(because)f(up-)0 482 y(dates)e(are)f(often)f(check)o(ed)g(in)i(multiple)f(chunks.)51 b(Ho)n(we)n(v)o(er)m(,)0 581 y(in)20 b(practice)f(we)h(ha)n(v)o(e)f (found)f(that)i(this)g(problem)e(does)i(not)f(oc-)0 681 y(cur)e(that)g(often.)23 b(In)17 b(the)g(future)f(it)i(may)f(be)g (useful)g(to)g(determine)0 780 y(w)o(ays)g(to)g(e)o(xtend)f(parts)h(of) f(CVS')-5 b(s)18 b(\002le)g(locking)d(to)i(anon)o(ymous)0 880 y(serv)o(ers.)42 b(It)26 b(w)o(ould)f(also)h(be)g(useful)g(to)g (create)f(a)i(mechanism)0 980 y(where)e(CVS)h(updates)f(on)g(the)g (master)g(serv)o(er)g(are)g(pushed)f(to)0 1079 y(the)c(sla)n(v)o(e)h (anon)o(ymous)c(serv)o(ers)j(as)h(soon)e(as)i(the)o(y)e(happen.)83 1197 y(The)30 b(third)f(issue)h(relating)f(to)h(CVS)h(that)f(caused)f (us)h(con-)0 1297 y(cern)36 b(w)o(as)h(CVS')-5 b(s)38 b(poor)d(handling)g(of)h(netw)o(ork)f(\003o)n(w)h(con-)0 1397 y(trol.)62 b(CVS')-5 b(s)34 b(serv)o(er)e(function)f(w)o(as)i (designed)f(to)g(run)g(in)h(a)0 1496 y(high-bandwidth)26 b(netw)o(ork)j(en)m(vironment)e(with)j(a)g(relati)n(v)o(ely)0 1596 y(small)21 b(source)f(repository)-5 b(.)24 b(This)c(en)m (vironment)e(is)j(fundamen-)0 1695 y(tality)35 b(incompatible)d(with)j (our)f(tar)o(get)f(en)m(vironment.)65 b(The)0 1795 y(OpenBSD)18 b(source)f(tree)g(consists)i(of)e(250MB)g(of)h(source)f(\002les,)0 1895 y(and)g(we)i(distrib)n(ute)e(it)i(to)f(man)o(y)f(anon)o(ymous)e (users)j(connected)0 1994 y(to)23 b(the)g(Internet)e(via)i(slo)n(w)g (speed)f(PPP)i(links.)33 b(W)-7 b(e)23 b(found)e(that)0 2094 y(CVS)36 b(did)f(not)g(run)g(well)h(in)f(this)h(en)m(vironment)c (because)j(it)0 2194 y(w)o(as)30 b(designed)d(to)i(minimize)f(the)h (amount)f(of)g(time)h(it)h(holds)0 2293 y(a)22 b(lock)f(on)g(a)i (directory)c(in)j(a)g(repository)-5 b(.)27 b(In)22 b(order)e(to)i(do)f (this,)0 2393 y(when)31 b(checking)g(out)h(source)f(code)g(the)h(CVS)h (serv)o(er)f(splits)0 2492 y(into)h(tw)o(o)h(processes.)65 b(The)33 b(\002rst)i(process)e(w)o(alks)h(the)g(CVS)0 2592 y(repository')-5 b(s)29 b(directory)g(tree)i(as)h(f)o(ast)f(as)g (possible)g(perform-)0 2692 y(ing)20 b(the)g(requested)e(action.)25 b(The)19 b(second)g(process)h(b)n(uf)n(fers)f(the)0 2791 y(output)j(from)g(the)h(\002rst)h(process)e(in)i(its)g(memory)d(and)i (sends)g(it)0 2891 y(out)30 b(o)o(v)o(er)f(the)i(netw)o(ork)e (connection.)53 b(The)30 b(second)g(process)0 2991 y(uses)19 b(non-blocking)14 b(I/O)k(to)g(ensure)g(that)g(it)g(does)g(not)g(block) f(on)0 3090 y(a)k(slo)n(w)f(netw)o(ork)f(connection.)k(This)d(allo)n (ws)g(the)g(\002rst)h(process)0 3190 y(to)29 b(run)e(to)i(completion)e (without)h(blocking)e(on)i(full)h(netw)o(ork)0 3289 y(I/O)e(b)n(uf)n (fers)g(while)g(holding)e(a)j(lock)f(on)f(a)i(repository)d(direc-)0 3389 y(tory)-5 b(.)39 b(The)24 b(problem)g(with)h(this)h(design)e(is)i (that)g(the)f(CVS)h(de-)0 3489 y(v)o(elopers)i(did)g(not)h(put)g(a)g (limit)h(on)e(the)h(amount)f(of)h(data)g(the)0 3588 y(second)23 b(process)h(w)o(as)h(willing)f(to)g(b)n(uf)n(fer)-5 b(.)35 b(The)24 b(result)g(of)g(this)0 3688 y(is)i(that)g(for)f(a)g(lar)o(ge)g (check)o(out)f(o)o(v)o(er)f(a)j(slo)n(w)g(link)f(the)g(second)0 3788 y(process)i(can)h(gro)n(w)f(and)g(consume)f(lar)o(ge)h(chunks)g (of)g(virtual)0 3887 y(memory)-5 b(.)55 b(W)-7 b(e)32 b(found)e(that)h(if)g(multiple)f(Anon)o(ymous)f(CVS)0 3987 y(serv)o(ers)d(were)h(running)e(at)j(the)f(same)g(time)g(the)o(y)g (quite)f(often)0 4086 y(e)o(xhausted)i(all)i(a)n(v)n(ailable)f(virtual) g(memory)f(on)h(our)g(Anon)o(y-)0 4186 y(mous)21 b(CVS)h(serv)o(er)f (machine)f(thus)i(creating)e(a)i(denial)f(of)g(ser)n(-)0 4286 y(vice.)30 b(This)23 b(problem)d(w)o(as)j(especially)e(anno)o (ying)f(since)i(lock-)0 4385 y(ing)e(is)h(not)f(an)g(issue)h(with)f(a)h (read-only)d(CVS)j(repository)-5 b(.)83 4503 y(T)e(o)34 b(\002x)f(this)h(problem,)h(we)f(modi\002ed)e(CVS)j(to)f(limit)g(the)0 4603 y(amount)c(of)h(data)g(the)g(second)f(process)h(can)g(b)n(uf)n (fer)-5 b(.)56 b(In)31 b(our)0 4703 y(en)m(vironment)16 b(it)k(is)g(better)f(to)h(let)g(the)f(\002rst)h(process)f(block)f(than) 0 4802 y(to)28 b(run)f(our)h(serv)o(er)f(out)h(of)f(virtual)h(memory)-5 b(.)46 b(P)o(artly)28 b(due)f(to)0 4902 y(our)d(complaints)g(about)h (the)g(beha)n(vior)e(of)i(CVS)h(in)g(this)f(case,)0 5001 y(the)31 b(maintainers)f(of)g(CVS)i(modi\002ed)e(it)h(to)g(address)g (this)g(is-)0 5101 y(sue.)37 b(Their)24 b(\002x)g(w)o(as)h(to)g(modify) d(the)j(\002rst)g(process)e(in)i(a)g(CVS)0 5201 y(check)o(out)19 b(to)i(be)g(non-blocking)c(only)j(on)g(a)h(per)n(-directory)d(ba-)0 5300 y(sis.)53 b(This)29 b(allo)n(ws)h(the)f(second)f(process)h(to)g (catch)g(up)f(to)i(the)0 5400 y(\002rst)h(after)f(the)h(\002rst)g(has)g (completed)d(a)j(directory)-5 b(.)54 b(The)30 b(ad-)2010 83 y(v)n(antage)c(of)h(this)h(\002x)g(is)g(that)g(it)g(minimizes)f(the) g(time)h(a)g(CVS)2010 183 y(directory)g(lock)i(can)f(be)h(held.)54 b(There)29 b(is)i(still)g(potential)e(for)2010 282 y(problems)h(if)j (CVS)g(encounters)d(a)i(single)g(directory)e(with)i(a)2010 382 y(lar)o(ge)18 b(number)f(of)h(modi\002ed)f(\002les.)26 b(In)18 b(this)h(case)g(it)h(is)f(still)h(pos-)2010 482 y(sible)28 b(for)f(the)g(CVS)h(serv)o(er)f(to)g(use)h(a)g (signi\002cant)f(chunks)f(of)2010 581 y(system)18 b(virtual)f(memory)-5 b(.)22 b(Ho)n(we)n(v)o(er)m(,)16 b(as)j(most)f(source)f(\002les)h(in) 2010 681 y(lar)o(ge)25 b(sources)g(trees)h(are)f(distrib)n(uted)g (among)f(se)n(v)o(eral)h(direc-)2010 780 y(tories)20 b(this)h(should)e(not)h(be)g(a)h(problem.)2093 888 y(One)e(remaining)f (unsolv)o(ed)f(issue)j(is)g(the)g(f)o(act)f(that)h(CVS)g(re-)2010 988 y(quires)30 b(a)h(writable)f Ff(/tmp)g Fh(directory)e(in)j(order)e (to)i(function.)2010 1088 y(F)o(or)k(better)g(security)g(we)g(w)o(ould) g(lik)o(e)g(for)g(an)g(Anon)o(ymous)2010 1187 y(CVS)23 b(serv)o(er)f(to)h(be)f(able)g(to)h(function)e(without)g(an)o(y)h (write)h(ac-)2010 1287 y(cess)34 b(to)g(the)g(\002lesystem)g(in)f(the)h Ff(chroot)f Fh(en)m(vironment)d(in)2010 1386 y(which)20 b(it)h(operates.)2010 1679 y Fi(4)99 b(Other)48 b(CVS-based)g(Distrib)n (ution)f(Mecha-)2159 1795 y(nisms)2010 1996 y Fh(As)61 b(open)f(source)f(repository)g(projects)h(became)f(more)2010 2096 y(widespread,)21 b(se)n(v)o(eral)g(ne)n(w)h(tools)g(including)e (CVS')-5 b(s)24 b(Pserv)o(er)m(,)2010 2195 y(CVSW)-7 b(eb,)19 b(and)e(CVSup)h(were)f(de)n(v)o(eloped)e(to)j(tak)o(e)g(adv)n (antage)2010 2295 y(of)i(this)h(po)n(werful)d(ne)n(w)i(en)m(vironment.) 2093 2403 y(CVS')-5 b(s)26 b(Pserv)o(er)d(w)o(as)i(created)e(by)h(the)g (CVS)h(de)n(v)o(elopment)2010 2503 y(team)30 b(partly)f(in)h(response)e (to)i(the)g(demand)e(for)h(anon)o(ymous)2010 2602 y(support)k(within)h (CVS)h(itself.)69 b(Rather)34 b(than)g(use)g(the)h(stan-)2010 2702 y(dard)20 b(CVS)h(serv)o(er)f(with)h(the)f(anoncvs)f(shell)i(that) g(we)g(created,)2010 2801 y(CVS')-5 b(s)30 b(Pserv)o(er)e(bypasses)h (rsh/ssh)g(and)f(listens)i(on)e(its)i(o)n(wn)2010 2901 y(TCP)h(port)e(for)g(connections.)52 b(Pserv)o(er')-5 b(s)29 b(user)h(interf)o(ace)f(re-)2010 3001 y(quires)22 b(the)g(use)h(of)f(a)g(login)g(and)g(passw)o(ord)f(\(e)n(v)o(en)g(for)h (anon)o(y-)2010 3100 y(mous)e(access)h(\226)g(an)f(anno)o(ying)e(incon) m(v)o(enience)f(for)j(users)h(get-)2010 3200 y(ting)e(started)g(with)g (Anon)o(ymous)d(CVS\),)k(and)e(it)i(transmits)f(this)2010 3300 y(data)26 b(o)o(v)o(er)e(the)i(wire)g(in)g(clear)n(-te)o(xt.)42 b(Pserv)o(er)25 b(often)g(does)h(not)2010 3399 y(operate)16 b(in)i(a)f Ff(chroot)g Fh(en)m(vironment,)d(and)j(thus)g(it)h(is)g (more)f(of)2010 3499 y(a)h(security)e(risk)h(than)g(our)f(v)o(ersion)g (of)h(Anon)o(ymous)d(CVS.)k(It)g(is)2010 3598 y(possible)h(to)g(run)f (Pserv)o(er)h(in)g(a)g Ff(chroot)g Fh(en)m(vironment,)d(b)n(ut)j(it) 2010 3698 y(requires)k(more)g(\002les)i(to)g(be)f(added)e(to)j(the)f (sandbox)e(en)m(viron-)2010 3798 y(ment)g(in)h(order)f(for)g(Pserv)o (er)g(to)i(authenticate)d(the)i(user)m(,)g(espe-)2010 3897 y(cially)g(on)f(systems)i(that)f(support)e(comple)o(x)g(user)i (authentica-)2010 3997 y(tion)g(mechanisms)g(lik)o(e)h(P)-8 b(AM)25 b([3)o(].)35 b(Pserv)o(er)m(,)24 b(unlik)o(e)f(Anon)o(y-)2010 4097 y(mous)29 b(CVS,)h(also)f(does)g(not)g(fully)g(gi)n(v)o(e)f(up)h (root)g(pri)n(vile)o(ges)2010 4196 y(if)c(it)g(has)g(them.)38 b(In)24 b(the)h(conte)o(xt)e(of)i(anon)o(ymous)c(access,)27 b(the)2010 4296 y(main)22 b(adv)n(antage)e(of)i(Pserv)o(er)f(is)i(that) f(it)h(is)g(included)d(with)j(the)2010 4395 y(main)d(CVS)h(distrib)n (ution.)2093 4503 y(The)28 b(CVSW)-7 b(eb)29 b(system)g(w)o(as)g(de)n (v)o(eloped)c(by)j(Bill)h(Fenner)2010 4603 y(of)h(the)g(FreeBSD)g (project)f(to)i(allo)n(w)f(anon)o(ymous)d(access)j(to)2010 4703 y(a)e(CVS)h(repository)d(through)g(a)i(standard)f(web)h(bro)n (wser)e([2].)2010 4802 y(Although)36 b(CVSW)-7 b(eb)39 b(cannot)e(be)h(used)g(in)g(the)g(same)h(w)o(ay)2010 4902 y(as)31 b(Anon)o(ymous)c(CVS)k(to)f(update)f(a)h(local)g(source)f (tree,)k(the)2010 5001 y(big)23 b(adv)n(antage)e(of)h(CVSW)-7 b(eb)24 b(is)g(that)f(it)h(allo)n(ws)f(an)o(yone)e(with)2010 5101 y(a)31 b(web)f(bro)n(wser)g(to)g(easily)h(bro)n(wse)f(the)g (content)f(of)i(a)g(CVS)2010 5201 y(repository)20 b(using)i(a)g (graphical)f(user)h(interf)o(ace.)29 b(This)22 b(can)g(of-)2010 5300 y(ten)f(be)f(more)g(con)m(v)o(enient)e(than)i(using)g(the)h (standard)e(CVS)j(in-)2010 5400 y(terf)o(ace.)p eop %%Page: 8 8 8 7 bop 224 3 3423 4 v 222 103 4 100 v 273 73 a Fd(T)-8 b(ool)p 1104 103 V 729 w(Location)p 3645 103 V 224 106 3423 4 v 222 206 4 100 v 273 176 a Fh(SUP)p 1104 206 V 731 w Ff(ftp://ftp.openbsd.org/pub/OpenBSD/)o(src/u)o(sr.bin)o(/sup)p 3645 206 V 224 209 3423 4 v 222 309 4 100 v 273 279 a Fh(Rsync)p 1104 309 V 675 w Ff(http://samba.anu.edu.au/rsync/)p 3645 309 V 224 312 3423 4 v 222 412 4 100 v 273 382 a Fh(CTM)p 1104 412 V 703 w Ff(http://www.freebsd.org/handbook/sy)o (nchin)o(g.html)o(#CTM)p 3645 412 V 224 415 3423 4 v 222 515 4 100 v 273 485 a Fh(CVS)22 b(\(includes)d(Pserv)o(er\))p 1104 515 V 98 w Ff(ftp://ftp.gnu.org/gnu/cvs)p 3645 515 V 224 518 3423 4 v 222 618 4 100 v 273 588 a Fh(Anon)o(ymous)f(CVS)p 1104 618 V 296 w Ff(http://www.openbsd.org/anoncvs.sha)o(r)p 3645 618 V 224 621 3423 4 v 222 721 4 100 v 273 691 a Fh(CVSW)-7 b(eb)p 1104 721 V 572 w Ff (http://www.freebsd.org/\230fenner/cvs)o(web/)p 3645 721 V 224 724 3423 4 v 222 824 4 100 v 273 794 a Fh(CVSup)p 1104 824 V 638 w Ff(http://www.polstra.com/projects/fr)o(eewar)o (e/CVSu)o(p/)p 3645 824 V 224 827 3423 4 v 1381 975 a Fh(T)g(able)20 b(1:)25 b(Source)20 b(distrib)n(ution)f(tools)p 172 1162 3527 4 v 170 1261 4 100 v 221 1232 a Fd(Pr)o(oject)p 957 1261 V 528 w(Inf)n(ormation)h(P)n(ointer)p 3697 1261 V 172 1265 3527 4 v 170 1364 4 100 v 221 1334 a Fh(CMU)h(Common)e(Lisp) p 957 1364 V 99 w Ff(http://www3.cons.org/cmucl/)p 3697 1364 V 172 1368 3527 4 v 170 1467 4 100 v 221 1437 a Fh(Ecgs)p 957 1467 V 625 w Ff(http://egcs.cygnus.com/cvs.html)p 3697 1467 V 172 1471 3527 4 v 170 1570 4 100 v 221 1540 a Fh(FreeBSD)p 957 1570 V 478 w Ff (http://www.freebsd.org/handbook/synchi)o(ng.ht)o(ml#AN)o(ONCVS)p 3697 1570 V 172 1574 3527 4 v 170 1673 4 100 v 221 1643 a Fh(Gnome)p 957 1673 V 541 w Ff (http://www.tw.gnome.org/software/anonc)o(vs.sh)o(tml)p 3697 1673 V 172 1677 3527 4 v 170 1776 4 100 v 221 1746 a Fh(GNUstep)p 957 1776 V 473 w Ff (http://www.gnustep.org/resources/Anonc)o(vs.tx)o(t)p 3697 1776 V 172 1779 3527 4 v 170 1879 4 100 v 221 1849 a Fh(Guile)p 957 1879 V 602 w Ff (http://www.red-bean.com/guile/guile-an)o(on-cv)o(s.htm)o(l)p 3697 1879 V 172 1882 3527 4 v 170 1982 4 100 v 221 1952 a Fh(Mozilla)p 957 1982 V 528 w Ff(http://www.mozilla.org/cvs.html)p 3697 1982 V 172 1985 3527 4 v 170 2085 4 100 v 221 2055 a Fh(Obtuse)p 957 2085 V 551 w Ff(http://www.obtuse.com/open)p 2313 2055 25 4 v 25 w(source/)p 3697 2085 4 100 v 172 2088 3527 4 v 170 2188 4 100 v 221 2158 a Fh(OpenBSD)p 957 2188 V 445 w Ff(http://www.openbsd.org/anoncvs.html)p 3697 2188 V 172 2191 3527 4 v 170 2291 4 100 v 221 2261 a Fh(OpenLD)m(AP)p 957 2291 V 392 w Ff (http://www.openldap.org/software/repo.)o(html)p 3697 2291 V 172 2294 3527 4 v 170 2394 4 100 v 221 2364 a Fh(Python)p 957 2394 V 550 w Ff(http://www.python.org/download/cvs.htm) o(l)p 3697 2394 V 172 2397 3527 4 v 170 2497 4 100 v 221 2467 a Fh(Quinn)h(Dif)n(f)p 957 2497 V 421 w Ff (http://quinn-diff.nocrew.org/anoncvs.h)o(tml)p 3697 2497 V 172 2500 3527 4 v 170 2600 4 100 v 221 2570 a Fh(Sudo)p 957 2600 V 615 w Ff(http://www.courtesan.com/sudo/anoncvs.)o (html)p 3697 2600 V 172 2603 3527 4 v 1007 2751 a Fh(T)-7 b(able)20 b(2:)25 b(Open)20 b(source)f(repository)g(projects)g(on)h (the)g(Internet)83 3101 y(The)k(current)f(state)i(of)f(the)g(art)g(in)h (open)e(source)g(repository)0 3201 y(source)g(distrib)n(ution)g(tools)i (is)g(John)f(Polstra')-5 b(s)24 b(CVSup)h(pack-)0 3300 y(age)e([6)o(].)35 b(CVSup)23 b(is)h(an)f(ef)n(\002cient)g(and)g(\003e) o(xible)f(\002le)i(distrib)n(u-)0 3400 y(tion)j(system.)48 b(CVSup')-5 b(s)28 b(ef)n(\002cienc)o(y)f(is)h(due)f(to)h(tw)o(o)g(f)o (actors.)0 3500 y(First,)23 b(the)g(control)e(protocol)f(used)i(by)g (CVSup)h(streams)f(mul-)0 3599 y(tiple)c(requests)g(between)g(client)g (and)g(serv)o(er)f(rather)h(than)f(mak-)0 3699 y(ing)32 b(the)g(client)g(w)o(ait)g(for)g(a)g(request)f(to)h(be)g(satis\002ed)h (before)0 3798 y(issuing)d(the)h(ne)o(xt)e(request.)55 b(This)31 b(helps)f(CVSup)h(mak)o(e)f(the)0 3898 y(most)c(of)h(a)n(v)n (ailable)f(netw)o(ork)f(bandwidth.)42 b(Second,)27 b(CVSup)0 3998 y(tak)o(es)22 b(adv)n(antage)e(of)h(kno)n(wledge)e(of)j(the)f (internal)g(formats)g(of)0 4097 y(certain)k(types)g(of)h(\002les)g(to)g (reduce)e(the)i(o)o(v)o(erhead)c(of)k(sending)0 4197 y(an)c(update.)29 b(CVSup)22 b(kno)n(ws)f(the)h(format)f(of)g(RCS)i (\002les,)h(CVS)0 4297 y(repositories,)f(and)g(append-only)d(log)j (\002les.)36 b(CVSup)24 b(can)f(use)0 4396 y(this)i(kno)n(wledge)d(to)i (easily)h(e)o(xtract)e(the)h(minimal)g(amount)f(of)0 4496 y(data)f(necessary)e(to)i(send)g(changes)e(from)h(these)h(types)f (of)h(\002les)0 4595 y(o)o(v)o(er)17 b(the)i(netw)o(ork)e(\(the)h(data) g(can)h(optionally)e(be)h(compressed)0 4695 y(before)27 b(being)g(transmitted\).)47 b(F)o(or)28 b(\002les)h(whose)e(format)g (CV)-8 b(-)0 4795 y(Sup)27 b(does)f(not)g(understand,)h(CVSup)f(uses)i (the)e(Rsync)h(algo-)0 4894 y(rithm.)43 b(CVSup)27 b(includes)f(both)f (a)i(command)e(line)i(and)e(GUI)0 4994 y(interf)o(ace.)83 5101 y(CVSup)d(has)g(tw)o(o)g(features)f(that)g(are)h(especially)f (useful)g(for)0 5201 y(accessing)c(CVS)h(repositories.)k(First,)d(the)e (CVSup)g(client)g(pro-)0 5300 y(gram)e(can)h(be)g(used)g(to)g(request)g (a)g(speci\002c)g(v)o(ersion)f(of)h(a)g(source)0 5400 y(tree.)24 b(The)16 b(v)o(ersion)f(can)h(be)g(speci\002ed)g(by)g(date)g (or)g(by)g(symbolic)2010 3101 y(name.)23 b(Second,)16 b(CVSup)h(can)g(be)f(used)h(to)g(do)n(wnload)e(changes)2010 3201 y(from)23 b(a)h(master)g(CVS)h(repository)e(and)g(mer)o(ge)g(them) g(directly)2010 3300 y(into)32 b(a)h(local)g(CVS)h(repository)2971 3270 y Fe(2)3001 3300 y Fh(.)63 b(This)33 b(allo)n(ws)g(de)n(v)o (elopers)2010 3400 y(to)27 b(maintain)g(their)g(local)g(changes)f (within)h(a)h(pri)n(v)n(ate)e(branch)2010 3500 y(of)32 b(their)h(cop)o(y)e(of)i(the)f(master)h(CVS)h(repository)-5 b(.)59 b(In)33 b(order)2010 3599 y(to)27 b(achie)n(v)o(e)f(the)h(same)g (ef)n(fect)f(with)i(traditional)d(Anon)o(ymous)2010 3699 y(CVS,)31 b(one)e(w)o(ould)g(ha)n(v)o(e)g(go)g(through)f(the)i(time)g (consuming)2010 3798 y(process)h(of)g(checking)f(out)h(a)h(clean)g(v)o (ersion)e(of)h(the)h(master)2010 3898 y(source)19 b(tree)g(\(via)g (Anon)o(ymous)e(CVS\))j(and)e(then)h(importing)f(it)2010 3998 y(into)26 b(the)g(v)o(endor)e(branch)h(of)h(a)h(local)f(CVS)h (repository)-5 b(.)41 b(CV)-8 b(-)2010 4097 y(Sup)20 b(can)g(do)g(the)g(same)g(job)g(with)g(much)g(less)h(o)o(v)o(erhead.) 2093 4197 y(There)i(are)h(tw)o(o)h(dra)o(wbacks)d(to)j(CVSup.)36 b(First,)26 b(it)f(is)g(dif)n(\002-)2010 4297 y(cult)e(to)g(compile)e (and)h(install)h(because)f(it)i(is)f(written)g(in)g(Mod-)2010 4396 y(ula3)16 b(rather)g(than)h(C.)g(While)g(there)g(are)f(open)g (source)g(Modula3)2010 4496 y(en)m(vironments)29 b(a)n(v)n(ailable,)k (compiling)d(and)h(installing)g(them)2010 4595 y(is)20 b(a)g(dif)n(\002cult)f(task)h(\(especially)e(for)h(unsupported)d (platforms\).)2010 4695 y(Ho)n(we)n(v)o(er)m(,)21 b(there)i(are)g (precompiled)d(binaries)i(a)n(v)n(ailable)h(from)2010 4795 y(the)h(PostgreSQL)f(project)2798 4765 y Fe(3)2830 4795 y Fh(.)36 b(The)24 b(second)f(dra)o(wback)f(of)h(CV)-8 b(-)2010 4894 y(Sup)32 b(is)g(that)g(it)h(can)f(only)f(access)h(a)h (set)f(of)g(pre-determined)2010 4994 y(collections)26 b(of)h(\002les,)i(while)e(Anon)o(ymous)d(CVS)k(can)f(access)2010 5094 y(an)o(ywhere)33 b(from)h(a)h(single)g(\002le)g(to)g(the)g(entire) g(source)f(tree.)p 2010 5161 744 4 v 2100 5217 a Fc(2)2130 5240 y Fb(Care)18 b(must)g(be)g(tak)o(en)h(to)f(a)o(v)o(oid)g(v)o (ersion)h(number)g(con\003icts)g(and)f(deleted)2010 5319 y(RCS)f(\002les,)g(see)g(the)h(CVSup)f(F)-5 b(A)l(Q)17 b(for)g(details.)2100 5377 y Fc(3)2130 5400 y Fb(See)g Fa(/pub/CVSup)e Fb(on)i Fa(ftp.postgresql.org)p eop %%Page: 9 9 9 8 bop 0 83 a Fh(Ho)n(we)n(v)o(er)m(,)27 b(if)h(CVSup)g(is)g(used)f (to)h(do)n(wnload)e(a)i(cop)o(y)e(of)i(the)0 183 y(entire)19 b(repository)-5 b(,)17 b(then)i(standard)f(CVS)j(can)e(be)g(used)g(on)g (that)0 282 y(repository)f(to)j(access)g(indi)n(vidual)d(\002les)j(in)f (that)h(repository)-5 b(.)0 539 y Fi(5)99 b(Conclusions)0 728 y Fh(In)21 b(this)h(paper)e(we)i(ha)n(v)o(e)e(e)o(xamined)g(the)h (issue)h(of)f(distrib)n(uting)0 827 y(the)16 b(source)f(code)g(of)h (open)f(source)g(projects)g(to)h(Internet)f(de)n(v)o(el-)0 927 y(opers.)23 b(T)-7 b(able)15 b(1)h(contains)f(a)h(list)g(of)g(the)f (tools)h(discussed)f(in)h(this)0 1027 y(paper)23 b(and)h(pointers)g(to) g(where)g(to)g(get)h(them.)37 b(W)-7 b(e)25 b(e)o(xamined)0 1126 y(the)16 b(e)n(v)n(olution)f(of)i(open)e(source)h(code)f(distrib)n (ution)h(from)f(early)0 1226 y(channels)i(such)g(as)h(USENET)g(and)f (anon)o(ymous)e(FTP)j(to)g(mod-)0 1326 y(ern)33 b(mechanisms)f(such)h (as)h(Anon)o(ymous)d(CVS,)j(CVSW)-7 b(eb,)0 1425 y(and)18 b(CVSup.)24 b(Our)18 b(contrib)n(ution)f(w)o(as)i(the)g(design)e(and)h (imple-)0 1525 y(mentation)c(of)h(Anon)o(ymous)d(CVS.)k(Since)g(the)f (introduction)e(of)0 1624 y(OpenBSD')-5 b(s)24 b(Anon)o(ymous)d(CVS)k (service)f(man)o(y)f(other)g(open)0 1724 y(source)i(projects)g(ha)n(v)o (e)f(opened)g(up)h(their)g(CVS)i(repositories.)0 1824 y(T)-7 b(able)37 b(2)h(contains)e(URLs)i(for)f(some)g(of)g(the)g(open)f (source)0 1923 y(repository)19 b(projects)g(currently)g(on)h(the)h (Internet.)j(W)-7 b(e)22 b(belie)n(v)o(e)0 2023 y(Anon)o(ymous)32 b(CVS)j(has)g(made)f(a)h(signi\002cant)f(positi)n(v)o(e)g(im-)0 2123 y(pact)28 b(in)f(the)h(open)f(source)g(community)-5 b(.)45 b(Anon)o(ymous)25 b(CVS)0 2222 y(certainly)k(had)g(a)h(positi)n (v)o(e)f(impact)g(on)g(OpenBSD.)g(W)-7 b(e)31 b(cur)n(-)0 2322 y(rently)f(see)h(around)e(2000)h(anoncvs)f(transactions)h(per)n (-week)0 2421 y(on)f(our)f(Canadian-based)f(Anon)o(ymous)g(CVS)j(serv)o (er)-5 b(.)52 b(Se)n(v-)0 2521 y(eral)19 b(of)g(our)f(other)g(Anon)o (ymous)e(CVS)k(serv)o(ers)f(report)e(similar)0 2621 y(usage.)23 b(W)-7 b(e)18 b(hope)e(to)h(see)g(more)f(open)g(source)g(repository)f (tools)0 2720 y(and)20 b(projects)f(appear)g(on)h(the)g(Internet)f(in)i (the)f(future.)0 2977 y Fi(Refer)n(ences)42 3166 y Fh([1])40 b(B.)d(Berliner)-5 b(.)81 b(CVS)37 b(II:)g(P)o(arallelizing)e(softw)o (are)h(de-)180 3266 y(v)o(elopment.)53 b(In)28 b Fg(USENIX)g(Confer)m (ence)g(Pr)l(oceedings)p Fh(,)180 3365 y(pages)20 b(341\226352.)d (USENIX,)j(1990.)42 3538 y([2])40 b(B.)132 b(Fenner)-5 b(.)385 b(CVSW)-7 b(eb.)387 b(See)180 3638 y Ff (www.freebsd.org/\230fenner/cvsweb.htm)o(l)p Fh(.)42 3811 y([3])40 b(Open)64 b(Group.)171 b(X/Open)64 b(single)h(sign-on)e (ser)n(-)180 3911 y(vice)47 b(\(XSSO\))g(-)h(pluggable)d (authentication.)114 b(See)180 4010 y Ff(www.opengroup.org)180 4110 y(/pubs/catalog/p702.htm)p Fh(.)42 4283 y([4])40 b(P)-9 b(.)35 b(Kamp.)77 b(Current)34 b(through)f(e-mail)i(\(CTM\).)77 b(See)180 4383 y Ff(www.freebsd.org)180 4482 y (/handbook/synching.html#CTM)p Fh(.)42 4655 y([5])40 b(M.)25 b(McK)o(usick,)h(K.)f(Bostic,)i(M.)e(Karels,)i(and)d(J.)i(Quar) n(-)180 4755 y(terman.)76 b Fg(The)36 b(Design)f(and)f(Implementation)f (of)j(the)180 4855 y(4.4BSD)18 b(Oper)o(ating)g(System)p Fh(.)27 b(Addison)19 b(W)-7 b(esle)o(y)i(,)19 b(1996.)42 5028 y([6])40 b(J.)21 b(Polstra.)29 b(CVSup.)g(See)21 b Ff(www.polstra.com)180 5127 y(/projects/freeware/CVSup/)p Fh(.)42 5300 y([7])40 b(E.)k(Raymond.)102 b(Open)43 b(source)g(home)g (page.)103 b(See)180 5400 y Ff(www.opensource.org)p Fh(.)2052 83 y([8])40 b(M.)29 b(Reiter)h(and)f(A.)g(Rubin.)58 b(Anon)o(ymity)27 b(lo)o(v)o(es)h(com-)2190 183 y(pan)o(y:)38 b(Anon)o(ymous)24 b(web)k(transactions)e(with)i(cro)n(wds.)2190 282 y Fg(Communications) 19 b(of)h(the)h(A)n(CM)p Fh(,)f(42\(2\):32\22648,)d(Febru-)2190 382 y(ary)j(1999.)2052 548 y([9])40 b(M.)35 b(Rochkind.)74 b(The)34 b(source)g(code)g(control)g(system.)2190 648 y Fg(IEEE)27 b(T)-5 b(r)o(ansactions)26 b(on)h(Softwar)m(e)g (Engineering)p Fh(,)g(SE-)2190 747 y(1\(4\):364\226370,)15 b(December)k(1975.)2010 913 y([10])40 b(S.)f(Shafer)-5 b(.)88 b(The)39 b(sup)f(softw)o(are)h(upgrade)e(protocol.)2190 1013 y(T)-6 b(echnical)40 b(report,)45 b(Department)39 b(of)i(Computer)e(Sci-)2190 1112 y(ence,)19 b(Carne)o(gie)h(Mellon)f (Uni)n(v)o(ersity)-5 b(,)19 b(1985.)2010 1279 y([11])40 b(W)-8 b(.)35 b(T)m(ichy)-5 b(.)74 b(RCS)36 b(\226)e(a)h(system)g(for)f (v)o(ersion)f(control.)2190 1378 y Fg(Softwar)m(e)18 b(\226)g(Pr)o(actice)f(&)i(Experience)p Fh(,)e(15\(7\):637\226654,)2190 1478 y(July)j(1985.)2010 1644 y([12])40 b(L.)19 b(T)-7 b(orv)n(alds)17 b(et)j(al.)26 b(The)18 b(Linux)g(operating)f(system.)26 b(See)2190 1743 y Ff(www.linux.org)p Fh(.)2010 1910 y([13])40 b(A.)d(T)m(ridgell)f(and)g(P)-9 b(.)37 b(Mack)o(erras.)82 b(The)36 b(rsync)g(algo-)2190 2009 y(rithm.)42 b(T)-6 b(echnical)24 b(report,)g(Department)g(of)g(Computer)2190 2109 y(Science,)c(Australian)f(National)h(Uni)n(v)o(ersity)-5 b(,)18 b(1998.)p eop %%Trailer end userdict /end-hook known{end-hook}if %%EOF