RE: cvs commit/up's change file ownership in working dir.

[Greg A. Woods]

[ On Tuesday, January 6, 2004 at 17:17:41 (-0500), Patton, Matthew E., CTR, 
OSD-PA&E wrote: ]
> Subject: RE: cvs commit/up's change file ownership in working dir.
>
> can you elaborate on this? what magic files is the cvs server going to be
> looking for? Are we talking about cvs running the various support scripts
> (loginfo, commitinfo etc)? That I understand. I guess it wasn't clear, the
> CVS *server* is NOT running as root. only the client is. What kind of tricks
> is the client up to then?

Look -- just DO NO EVER run any part of CVS as root.  Period.  It's not
safe, and it's not designed to run as a privileged program at any level,
and it's not necessary.

> these kind of games don't make sense to me.

The files in the repository are kept in read-only mode because that's
the best way to avoid gross software errors from causing problems.  It's
not to protect the files from the users but rather to protect the files
from the programmer.

> But by implementing this you've artificially
> limited the cvs admin's options by a considerable amount.

On the contrary -- you think you can have something that you simply
cannot have in the first place.

You must give up on your attempt to have CVS do anything more than it
already does with file permissions.

CVS is _NOT_ a build tool.

Learn to use the right tool for the job.

> CVS wasn't designed with security in mind as has been said. Well then CVS
> has no business interjecting itself where it don't belong and especially
> making feeble attempts at it and pretending to do something. Do it right, or
> don't do it at all.

CVS isn't doing anything for security beyond what any average plain text
editor will do -- you're mistaken if you think otherwise.

> Don't get me wrong, I like CVS a lot. I'm just heavily annoyed at
> inconsistent behavior and don't like band-aids or hacks which are worse than
> the disease when design can obviate them.

The problem here is _only_ that you're using the wrong tool for the job
you're trying to do.  If you were not abusing CVS in the way you're
trying to then you wouldn't see any inconsistencies (well there's one,
but it's an ancient artifact of RCS backwards compatability).

Write a script to install the files from your working directory into
their final locations and have that script do the right thing with
permissions, ownerships, symlinks, hard links, and whatnot.

Check the script into your CVS module along with your files.

That way you will suddenly be able to properly version all those
attributes of a file that cannot be stored in an RCS file.

-- 
                                                Greg A. Woods

+1 416 218-0098                  VE3TCP            RoboHack <address@hidden>
Planix, Inc. <address@hidden>          Secrets of the Weird <address@hidden>