Directory-level access control?

[sbaker]

Sorry if this has been asked and answered before -- I don't see it in
the archives.

I am setting up a CVS server which I need to be as secure as
possible. Since two companies must access it, it will be on a public
network. I've used ssh (with CVS_RSH -- no pserver) and given each
user an account on the box. Since I don't want them to do ANYTHING
else on the box, I've given these accounts a restricted shell which
doesn't do anything but run 'cvs server'. 

Since there are files that are specific to each company, and files
both companies need to share, I've set up three repositories: Company
A, Company B, and Shared. I use different unix groups to keep the
users out of each other's repositories.

This all works well, and seems to be reasonably secure. However, what
I REALLY want to do is use just one repository for the whole she-bang,
and have directory-level access control. i.e. a directory accessible
by both companies may contain a directory accessible by only one
company, or a directory accessible by only one company may contain a
shared directory.

I've been unsuccessful in making this work so far, either because it
can't work, or because of my imperfect understanding of filesystem
permissions. Is this possible to do? If so, can anyone rent me a clue?

While we're at it, if anyone has any comments about how to make this
kind of setup more secure, I'd appreciate those. From everything I've
read so far (including the messages on this list) this seems to be the
way to go. In case it matters for so general a question, I'm using
1.10.8, and considering changing to 1.11.

Thanks!

Steve Baker
kiku wa ittoki no haji kikanu wa matsudai no haji