[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CVS, SSH, (Light) Security
From: |
Noel Yap |
Subject: |
Re: CVS, SSH, (Light) Security |
Date: |
Thu, 7 Mar 2002 11:51:22 -0800 (PST) |
--- "Greg A. Woods" <address@hidden> wrote:
> The point is that you cannot easily implement any
> policy that control
> access to individual files. CVS only works normally
> with per-directory
> access controls. You can muck about with scripts
> called by commitinfo,
> but that's not really guaranteed to be secure -- it
> would just be
> "advisory" security.
It's not necessarily "advisory" security. For
example, in order to effectively use file system ACLs,
one would need a loginfo script that would set the
appropriate ACLs. If the script didn't exist, some
wouldn't get the permissions they needed. IOW, the
script grants permissions, rather than denies them.
Noel
__________________________________________________
Do You Yahoo!?
Try FREE Yahoo! Mail - the world's greatest free email!
http://mail.yahoo.com/
- CVS, SSH, (Light) Security, Richard Caley, 2002/03/07
- Re: CVS, SSH, (Light) Security, Noel Yap, 2002/03/07
- Re: CVS, SSH, (Light) Security, Larry Jones, 2002/03/07