info-cvs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: re-entering comments: admin -m

From: Jim.Hyslop
Subject: RE: re-entering comments: admin -m
Date: Wed, 2 Mar 2005 17:43:54 -0500 
GuyBrush Treepwood wrote:
> At http://computing.ee.ethz.ch/sepp/cvs-1.10-to/cvsbook/main_78.html
> it is stated:
> 
"...
> Although its name might seem to imply that only the designated CVS
> administrator can use it, in fact anyone can run cvs admin, as long as
> they have write access to the project in question.
..."

That is actually not necessarily true, at least with the latest versions of
CVS. If your CVS system is set up with a 'cvsadmin' group, then only members
of 'cvsadmin' can run the 'cvs admin' command. The feature version (1.12.*)
allows you to configure CVS to allow users access to specific sub-commands
(e.g. 'cvs admin -k', to change the "binaryness" of a file).

> Is changing the history of a project a bad thing? And so it is, why? 

The problem is with auditing. When 'cvs admin' is used, there is no audit
trail that the log message was changed. Off the top of my head, I can think
of two possible problems with admin -m:

1) Inadvertently changing the log message for the wrong version. Suppose you
wanted to change 1.21, but fat-fingered the keyboard and typed in 'cvs admin
-m 1.12' instead. The log message for 1.12 is now lost. You'll have to go to
your tape backups to restore the correct message for 1.12. This is assuming
that you notice the error before the backup tapes get recycled.

2) Tampering. Someone could deliberately tamper with the log messages for
whatever nefarious purposes they had in mind. Note that the -m option won't
change the user name associated with the checkin, so you can't make it look
like someone else checked in a file.

> Could CVS have troubles doing certain operations on the project in the
> future?
None at all - the log messages are just text comments to CVS. It ignores
them, except when you issue the 'cvs log' command, at which point it simply
spits out precisely what you typed in.

-- 
Jim Hyslop
Senior Software Designer
Leitch Technology International Inc. ( http://www.leitch.com )
Columnist, C/C++ Users Journal ( http://www.cuj.com/experts )
reply via email to
[Prev in Thread] Current Thread [Next in Thread]