[Savannah-hackers-public] Re: [Monotone-devel] Hosting multiple Monotone projects

[Richard Levitte - VMS Whacker]

In message <address@hidden> on Fri, 12 Aug 2005 03:10:14 -0700, Nathaniel Smith 
<address@hidden> said:

njs> On Thu, Aug 11, 2005 at 11:32:39PM +0200, Sylvain Beucler wrote:
njs> > - Authentication and access control: with CVS, we use one Unix groups
njs> > per repository to give access to different repositories but:
njs> > 
njs> > * that's not fine-grained (unlike Monotone's per-branch read access)
njs> > 
njs> > * Unix groups have limitation, mainly the number of groups one user
njs> >   can belong to (usually 16 or 32).
njs> > 
njs> > * it should be possible to use ACLs and a bit of hacking to get rid of
njs> >   those limitations, though.
njs> 
njs> This is because CVS write access invariable involves giving people
njs> logins on the server machine, and letting them run programs (i.e.,
njs> cvs) that get to full write access to the filesystem.  Right?

Note that with CVS + SSH and advance scripting hooked in, it's
perfectly possible to have quite advanced ACLs at module and branch
level, as well as having people participate without having a login on
the repository machine.  The most advanced ACL system I've seen for
CVS is http://directory.fsf.org/sysadmin/monitor/shiela.html .  It
does exactly what I described and more.

Cheers,
Richard

-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

-- 
Richard Levitte                         address@hidden
                                        http://richard.levitte.org/

"When I became a man I put away childish things, including
 the fear of childishness and the desire to be very grown up."
                                                -- C.S. Lewis