[cvsnt] Re: ACL on files: Bug or user error?
João Carlos Mendes Luis
jonny at jonny.eng.br
Mon Jun 5 18:30:06 BST 2006
Tony Hoyle wrote:
> João Carlos Mendes Luis wrote:
>
>>> What I want to do is to allow the user access to only some files,
>>> preferably default to none, and explicitly to some.
>>>
> Put them in separate directories.
>
> The current planning is to remove the 'no read' permission completely
> from the file permissions, since it creates a situation where it is
> impossible for a user to run cvs update successfully.
Hi Tony,
I'll try using separate directories, but could you please explain the
situation a little further?
I have done some source hacking, and found the problem in recurse.cpp,
line 928 (cvsnt-2.5.03.2344). The ACL checking is not done during a
checkout because at this point there is no info on the file, or better
said, the file is not on hash "finfo->entries". But this is only used
to evaluate the file tag. On checkout, the tag is passed from command
line, so this could be read from somewhere (like a global variable). I
am very tempted to do this, but I'd like to know more about the problem
first.
File-level read control would make our process much easier.
More information about the cvsnt
mailing list