[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: preliminary ACL support in cvs-nserver

From: Greg A. Woods
Subject: Re: preliminary ACL support in cvs-nserver
Date: Sat, 29 Sep 2001 22:07:40 -0400 (EDT)

[ On , September 30, 2001 at 04:28:16 (+0400), Alexey Mahotkin wrote: ]
> Subject: preliminary ACL support in cvs-nserver
> Answer: because the cvs-nserver ACL implementation does not work on a
> per-file level.

Do you understand the unix filesystem security model, especially as it
applies to CVS?  I think not.  There is no safe way to implement
per-file ACLs without doing them in the filesystem.

I think you are fooling yourself with false security.

In addition the whole concept of per-branch ACLs also suffers the very
same weaknesses that the current "cvsadmin" feature does.

                                                        Greg A. Woods

+1 416 218-0098      VE3TCP      <address@hidden>     <address@hidden>
Planix, Inc. <address@hidden>;   Secrets of the Weird <address@hidden>

reply via email to

[Prev in Thread] Current Thread [Next in Thread]