RE: Security issues

[Chuck . Irvine]

Noel,

My group was recently enquiring into the possibility of implementing 
some sort of CVS security. Would you mind giving some brief examples of 
the kinds of things you can do with:

SSH
ACLs

I'm just looking for a little more detail than you provide below. This 
will help me get my research pointed in the right direction. Thanks

Chuck



> Depending on the details of your needs, you can look into the 
> following:
> 1. Use SSH.  This allows a secure (encrypted, authenticated, 
> ...) login to the
> CVS server.  You can also limit users to executing CVS only.
> 2. Use file system ACLs.  This allows several different 
> groups/users to have
> different permissions (to control checkin/checkout) within 
> the repository.
> 3. Use separate repositories.  You've already mentioned this 
> so I won't go into
> it further.
> 4. Use pserver.  I'm not too familiar with this approach but 
> I've never run into
> anything the above doesn't cover.
> 
> Noel
> 
> 
> 
> 
> address@hidden on 2001.04.10 08:44:55
> 
> To:   address@hidden
> cc:   (bcc: Noel L Yap)
> Subject:  Security issues
> 
> 
> 
> 
> 
> Hello list,
> 
> now I have my CVS infrastructure growing bigger, several
> departments are using it, and aparently there is requirement
> for security. I need to restrict departments also there will be
> WebEdit interface running for more public people.
> 
> Its not clear how to implement security inside CVS repository,
> by using accesslists? How to make CVS understand them?
> I'd like to keep singe CVS server.
> Also I'm not sure about possibility to have several repositories
> on one server, it looks like the easiest way to go though.
> 
> Any experience doing this? Patches, scripts?
> Help greatly appreciated!
> 
> -Nils J
> 
> 
> 
> 
>