After we send I HATE YOU we should probably exit and not happily continue with I LOVE YOU and further communication. Most clients will probably just exit and ignore everything we send after the I HATE YOU and it is not a security problem either because we don't really care about the user name anyway. But it is still the right thing to do. Signed-off-by: Frank Lichtenheld <frank@xxxxxxxxxxxxxx> --- git-cvsserver.perl | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/git-cvsserver.perl b/git-cvsserver.perl index a07c725..fcfb99d 100755 --- a/git-cvsserver.perl +++ b/git-cvsserver.perl @@ -105,6 +105,7 @@ if (@ARGV && $ARGV[0] eq 'pserver') { unless ($line eq 'anonymous') { print "E Only anonymous user allowed via pserver\n"; print "I HATE YOU\n"; + exit 1; } $line = <STDIN>; chomp $line; # validate the password? $line = <STDIN>; chomp $line; -- 1.5.1.4 - To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html