[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CVS access control

From: Tobias Brox
Subject: Re: CVS access control
Date: Wed, 26 Sep 2001 19:38:24 +0400
User-agent: Mutt/1.0.1i

address@hidden - Wed at 10:45:50AM -0400]
> I'm kind of against this, too, since branch-level permissions don't afford
> security at all since the archive file is still writable.

The pserver method is, as for now, the only one that can offer any real
access controls.  As I understood, cvs users could only access the box in
question through cvs. has also solved this problem somehow; people logging in
(through ssh) are only allowed to use cvs.

Another option is setuid'ness.  CVS is not currently constructed for it,
anyway it can be considered.

ACL is a bit on the edge, but it could certainly be considered to be within
the scope of an advanced version control system.  A paranoid system manager
certainly would not give write permission on the ,v-files to ordinary users.
They should only be operated through cvs.

> The "right" way to do what you want (although I'll admit it's more
> difficult) is to create a file system that supports versioning.

I wouldn't go there.  Logging transactions (thus offering a rollback
possibility to any given timestamp), just like for a database, could be
within the scope of a file system.  Complex version control, like cvs
offers, is IMHO a bit out of file system scope.  Or maybe not?  Hm!

Unemployed hacker
Will program for food!

reply via email to

[Prev in Thread] Current Thread [Next in Thread]