[cvsnt] ACLs, permissions, readers/writers, etc
Glen Starrett
grstarrett at cox.net
Fri Aug 20 17:51:22 BST 2004
Thomas Keller wrote:
> I hacked one for my purposes:
>
> http://thomaskeller.biz/linux/notify-scripts.tgz
>
> commit_prep for the commitinfo file (unchanged)
> log_accum for the actual mail sending (changes starting from line 271)
Might be better if the $CVSROOT was passed to the script instead of
parsing out the config file.
Tony--Would you think adding a environment "REPOSITORY_NAME" would be
appropriate? Then, if set, would trigger the script to use that value
for display to the client. Maybe the other way would be better: Change
CVSROOT to the name to purposefully break scripts that might otherwise
reveal the full path, then include the full path in another variable.
[OT] TBH, all the *nix security is a bit over me for now. I'm getting
up to speed on it but there is a lot I don't know, for example how to
allow interactive login via ssh yet secure the CVS repository if the
repository path can be found out. I would think there must be a way to
secure the interactive users, but I think it would mean disabling
impersonation. Would some sort of chroot setup help with this?
--
Glen Starrett
More information about the cvsnt
mailing list