[cvsnt] CVSNT Security using NTFS questions
Glen Starrett
grstarrett at cox.net
Wed Nov 12 17:42:40 GMT 2003
> Will adding users to the 'writers' file inside of the CVSROOT module
> give those users (listed in the file) commit privileges to ALL modules
> in the repository?
Yes
> By using the 'writers' file, can I specify module
> level security?
No, but you can use ACL's within CVS.
> Assume the following...
>
> - I executed Glen's script
> - I HAVE NOT added the 'admin' and/or 'writers' files under
> the CVSROOT
> module
> - Have changed Glen's CVSUser group to be Everyone account
>
> After reading the permissions set up by the script, my
> repositories will
> allow Everyone to update and commit files to any module except for the
> CVSROOT module. Am I reading this correctly?
Yes, assuming you mean 'writers' is not present. The mere presence of
'writers' means that all people who can commit need to be listed in there.
> I read the different NTFS Privileges as...
>
> If UserA has Full Control privileges on a file/module, then they have
> checkout, update and commit access to the module/file
>
> If UserB only has Read privileges, then UserB can checkout and update
> the file, but cannot commit the file.
>
> Is there a difference between Modify privileges and Full Control
> privileges in relation to CVSNT security?
CVSNT doesn't modify files--it does a full replace on files that it updates
to keep the changes atomic and avoid corruption if something should happen
to/on the server while CVSNT is trying to perform it's operations.
Glen Starrett
More information about the cvsnt
mailing list