Re: CVS, SSH, (Light) Security

info-cvs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CVS, SSH, (Light) Security

From:	Noel Yap
Subject:	Re: CVS, SSH, (Light) Security
Date:	Thu, 7 Mar 2002 11:51:22 -0800 (PST)

--- "Greg A. Woods" <address@hidden> wrote:
> The point is that you cannot easily implement any
> policy that control
> access to individual files.  CVS only works normally
> with per-directory
> access controls.  You can muck about with scripts
> called by commitinfo,
> but that's not really guaranteed to be secure -- it
> would just be
> "advisory" security.

It's not necessarily "advisory" security.  For
example, in order to effectively use file system ACLs,
one would need a loginfo script that would set the
appropriate ACLs.  If the script didn't exist, some
wouldn't get the permissions they needed.  IOW, the
script grants permissions, rather than denies them.

Noel

__________________________________________________
Do You Yahoo!?
Try FREE Yahoo! Mail - the world's greatest free email!
http://mail.yahoo.com/

[Prev in Thread]

Current Thread

[Next in Thread]

CVS, SSH, (Light) Security, Richard Caley, 2002/03/07
- Re: CVS, SSH, (Light) Security, Mark A. Flacy, 2002/03/07
  - Re: CVS, SSH, (Light) Security, Larry Jones, 2002/03/07
  - Re: CVS, SSH, (Light) Security, Richard Caley, 2002/03/07
    - Re: CVS, SSH, (Light) Security, Greg A. Woods, 2002/03/07
    - Re: CVS, SSH, (Light) Security, Noel Yap <=
- Re: CVS, SSH, (Light) Security, Noel Yap, 2002/03/07
- Re: CVS, SSH, (Light) Security, Larry Jones, 2002/03/07
- Re: CVS, SSH, (Light) Security, Richard Caley, 2002/03/07

Prev by Date: Re: CVS, SSH, (Light) Security
Next by Date: Re: Abandoned CVS server processes
Previous by thread: Re: CVS, SSH, (Light) Security
Next by thread: Re: CVS, SSH, (Light) Security
Index(es):
- Date
- Thread