[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
cvs on unix simple security issue
From: |
jason |
Subject: |
cvs on unix simple security issue |
Date: |
6 Mar 2006 08:56:30 -0800 |
User-agent: |
G2/0.2 |
Hello. self proclaimed CVS noob here
we have this repository root located under /aps/cvs/CVSROOT and we
maintain software under directories like this
/aps/fire/cobol
/aps/fire/jcl
/aps/fire/sql
I've discovered that unix users on the can remove cvs versioning
formation by simply doing an rm under /aps/cvs/aps/fire/jcl .. where
files like mysource,v exist.
However if I attempt to secure those directories, unix users can't
deploy to the repository.
Is there any way to secure the directories with the ",v" files while
allowing unix users (developers) to deploy? Don't they need write to
those directories?
Thanks for any help or information.
- cvs on unix simple security issue,
jason <=