info-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: security question


From: Noel Yap
Subject: Re: security question
Date: Thu, 12 Dec 2002 08:18:49 -0800 (PST)

--- Phil R Lawrence <address@hidden> wrote:
> OK, I've settled on either importing our entire ERP
> source with -kb or 
> writing a script to traverse the sourcetree and
> check in the files 
> intelligently as either binary or text.  (anyone
> already have a script 
> that does this?)
> 
> Now, about security.  We would be a multi-client
> shop, so I need SSH to 
> encrypt sign-on info.  Also, to make auditors very
> happy, we need to 
> grant and deny write security to various projects in
> the repository.
> 
> I saw in the docs how to set up pserver and how it
> can manage read-write 
> permissions.  But I won't run a server without
> encryption.
> 
> How can I have SSH *and* locked down projects *and*
> locked down CVSROOT dir?
> 
> Security is very important.

Don't use pserver if security "is very important". 
IMHO, pserver is meant to be convenient, not secure.

I believe there's an item in the FAQ on setting up
SSH.

There should also be a FAQ item on using file system
ACLs.  Alternatively, you might consider creating
separate repositories rather than one repository.

Noel

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com



reply via email to

[Prev in Thread] Current Thread [Next in Thread]