[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: CVS Internal Authorization Patch

From: Chuck . Irvine
Subject: RE: CVS Internal Authorization Patch
Date: Fri, 10 Nov 2000 11:36:15 -0600

Perhaps the problem is that the security functionality provided by the
OS isn't easily mapped to CVS administration functions, especially for
those who are more OS "users" versus those who have experience with OS

For example, here are a few of the admin things we would like to do

- Lock/close out a branch from further access.
- Limit the ability to branch and merge to specified individuals.
- Limit access to certain portions of the admin command to 
  specified individuals.
- Limit the ability to import to certain individuals.

All of these seem to sparsely documented, if at all.

-----Original Message-----
From: derek.price [mailto:address@hidden
Sent: Tuesday, November 07, 2000 1:27 PM
To: Chuck.Irvine
Cc: info-cvs
Subject: Re: CVS Internal Authorization Patch

address@hidden wrote:

> I would be useful to know why you think this is a bad idea. Otherwise
> your comment is of limited value.

The general design philosophy behind CVS tends more towards leaving
like ACLs to the OS.  More people are putting more time into security
and nobody seems to want to pretend that CVS is secure.  Even if we had
large enough team with some good people willing to concentrate on
why reimplement something that's already handled, and handled well?

If the standard UNIX ACL level isn't fine grained enough for you you
always look into something like AFS.


Derek Price                      CVS Solutions Architect ( )
mailto:address@hidden     OpenAvenue ( )
Coffee is not for kids.
Coffee is not for kids.
Coffee is not for kids...

          - Bart Simpson on chalkboard, _The Simpsons_

Info-cvs mailing list

reply via email to

[Prev in Thread] Current Thread [Next in Thread]