info-cvs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: New update to the CVS ACL patch to support user groups

From: Noel L Yap
Subject: RE: New update to the CVS ACL patch to support user groups
Date: Wed, 25 Jul 2001 10:05:59 -0400 
File system permissions are file system permissions whether they are the
standard user/group/other kind or they are the ACL kind.

There is no need to be root to use them.  As with other file system
permissioning, one has to be the owner of the element in order to set its
permissions.

In any case, I would agree that its generally not a good idea to run CVS as
root.

If you really want to lock down the repo, use SSH and limit commands to CVS
(except for the admin, of course).

Noel

Corey: I have added the ability to have user groups....
Noel: FYI, file system support for ACLs (man setfacl for info) would make
your patch redundant....

As I understand it, to use Unix file permissions CVS has to run as root,
which has security implications. If security is important, it is not a good
idea to run CVS as root. Solaris has ACLs already but the security issue
prevents using them with CVS. Corey's patch allows CVS to run as 'cvsuser'
and still control access.

Or have I missed something?

Regards,
Martin




This communication is for informational purposes only.  It is not intended as
an offer or solicitation for the purchase or sale of any financial instrument
or as an official confirmation of any transaction. All market prices, data
and other information are not warranted as to completeness or accuracy and
are subject to change without notice. Any comments or statements made herein
do not necessarily reflect those of J.P. Morgan Chase & Co., its
subsidiaries and affiliates.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]