[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jeff Bailey <address@hidden>] Re: [Savannah-hackers] savannah.gnu.o
|
From: |
Bradley M. Kuhn |
|
Subject: |
Re: [Jeff Bailey <address@hidden>] Re: [Savannah-hackers] savannah.gnu.org: submission of GNU and FSF Organizational Files |
|
Date: |
Thu, 8 Mar 2001 17:55:22 -0500 |
|
User-agent: |
Mutt/1.2.5i |
Jeff Bailey <address@hidden> wrote:
> I don't want gnudocs available through anonymous. I know of no way of
> making it available to the whole GNU community without doing so. I'll
> cheerfully implement a solution for gnudocs.
[....]
> I will implement this as soon as I see a good solution for the anoncvs
> problem. Part of the problem is that it used to be possible for an
> average GNU user to do everything they needed: Create mailing lists,
> manage Gnats, CVS, gnuorg. We've taken away these abilities without
> having a stated change in our security policy.
I think I see your point, but I don't see how anonymous CVS fixes this issue
anyway. To give anonymous CVS access to /gd/gnuorg files would drastically
change our security policy, too. Also, I would argue that *not* providing
anoncvs is such a minor change in our security policy that we shouldn't
worry about it. Here's why:
When /gd/gnuorg goes into CVS, anyone with a fencepost account (which I
believe is what you mean by the phrase "GNU community" above --- please
correct me if I misunderstood) will still be able to read the most current
version of the files, because /gd/gnuorg will be updated by
checkout-on-commit (and should be world readable).
The only thing "lost" by this change is this:
Currently, anyone who wants to *update* /gd/gnuorg need only edit the
files in fencepost:/gd/gnuorg. Under this new system, such an updater
would have to ask me or someone else to add them to the savannah project
for "gnuorg". I could certainly add anyone who has an account on
fencepost already on a case-by-case basis if they need to update stuff in
/gd/gnuorg.
I realize this change does indeed add another step in the process that
wasn't there before, but it seems quite minor to me.
Incidently, I believe that making /gd/gnuorg available via anoncvs would
also be a major change in policy (IMHO, even a bigger than what I describe
above). With anoncvs, anyone on the Internet could read those files.
Currently, only those with fencepost accounts can read those files. And, we
don't give fencepost accounts to everyone who asks for them.
Anyway, if you want, we could run this whole issue by RMS for a final
decision. My position remains that gnuorg should be imported such that
anoncvs is turned off and with world-readable update-on-commit for
fencepost:/gd/gnuorg/.
BTW, I sincerely apologize if I have missed the point again. I'm happy to
have a phone chat so you can give me a clue if I am being dense. I doubt
more email traffic trying to explain it to me will likely be unhelpful,
because if I didn't get the point this time, it's likely I have temporarily
lost my clue-stick, and need a severe whack from someone else's.
pgpfrHGjRsGrq.pgp
Description: PGP signature