[cvsnt] Re: Major problems with CVSNT 2.0.58d

[Tony Hoyle]

Hartmut Honisch wrote:
> I see - so it's a bug in 2.0.58d that is CVSNT modifies the ACLs of
> repository files on the server because of CYGWIN being set to ntsec?

More an oversight...  The server doesn't really need ntsec - it can use 
ntea as the user never sees the temporary files.

> It happened to me (and various other users). In my case, I was told to set
> CYGWIN=ntsec when installing sshd on Cygwin. I had no idea that it would
> affect CVSNT (which I hadn't even installed when I set up sshd).

That's odd advice.  You certainly don't need to set that to variable to 
setup an sshd.  Cygwin defaults to it anyway (it probably shouldn't but 
that's another issue).

It isn't a problem though unless you've done some pretty odd things to 
the file permissions (I wasn't able to replicate the problem even trying 
very hard), and also set CYGWIN (which isn't the default).  Defaulting 
to ntea on the server helps with the 1% who hit the problem.

> Why do you want other users to fall into that trap as well? If you want ntea

What trap?

> to be the default for CVSNT (unless a user explicitly chooses ntsec), CVSNT
> should only rely on the  CVSNT variable, no matter what is set in CYGWIN. I
> don't understand the problem with that approach, and the change to the CVSNT
> source code is trivial.

For the permissions to be effective/useful CVSNT and CYGWIN should be 
synchronised.  If they're different it doesn't really work.  The whole 
point of using a compatible scheme is that they interoperate.

I'd rather remove the CVSNT variable altogether - there's a reason it 
was never documented - it was never intended to be used.

Tony