[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Is a multiple pserver possible?

From: Mark D. Baushke
Subject: Re: Is a multiple pserver possible?
Date: Tue, 06 Jan 2004 16:31:59 -0800

Hash: SHA1

Anne Henmi <address@hidden> writes:

> Mark D. Baushke grabbed a keyboard and typed...
> > > > > So, is this possible? Do I need to just create several CVS
> > > > > users for the anonymous projects? Can I get away with that
> > > > > without running a lot of cvsd's?
> > > > Leaving aside the merits of cvsd, I do not see any problem with
> > > > having a single anonymous user for all of the repositories
> > > > hosted on a single server. You should be able to setup the
> > > > [x]inetd.conf or equivalent command to invoke 'cvs pserver' with
> > > > --allow-root=/cvs/project1 - --allow-root=/cvs/project2
> > > > --allow-root=/cvs/project3 when a connection to the cvspserver
> > > > port (2401) by adding the same CVSROOT/passwd entry for the
> > > > anonymous user to each repository.
> > > 
> > > I don't either, but the main user of the system wants multiple
> > > anonymous type accounts.
> > Why?
> Because he doesn't want the various anonymous users to have access to
> various projects.

And how is he going to audit who used the 'anonymous' userids? This
seems like a very poor approach to me.

You would do better to give everyone a read-only account on the box for
the projects they need and be done with it. Then you could audit what
they checked out of the system.

> I don't understand it either, but I'm trying to get it setup his way.

Are you being paid to think? If so, tell him the idea is a bad one. If
you can't, then you have my condolences. Working for a PHB is not fun.

> Can this work?

It might technically do what he is asking, but I would not be surprised
to learn you have problems with the setup. Clearly, you will need to
keep three separate repositories for it to have a glimmer of a hope of

A shared 'secret' password for 'anonymous' use is a bad idea. An
anonymous account should only be used for a read-only system and by
its nature it will shortly not have a 'secret' password as soon as
folks talk about it amongst themselves.

Feel free to tell him that folks on the net are getting ready to laugh
at him for telling you to do something really silly and ask him if it is
okay for Scott Adams to have a special PHB guest on the Dilbert strip
with his name... 1/2 :-)

Ask him what he will tell his boss when someone leaks project2 to the
world without permission. Who leaked the files? Who had access to check
them out of the system? What happens when personA leaves project1 and
moves to project2, will you have to change the anonymous password and
tell everyone in project1 the new password?

        -- Mark
Version: GnuPG v1.2.3 (FreeBSD)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]