[cvsnt] linux host, and ACLs

Kerry, Richard richard.kerry at siemens.com
Fri Oct 20 16:31:59 BST 2006


I think :local: is only safe if you've only got one user as I don't
think it does much locking of access.  I expect someone from March-Hare
might clarify this.

For serious use, I think you should use a server.

If there's any money at all available for this you might get the basic
CVS Suite from March Hare and read the eBook that comes with it.
Of course if there's lots of money available you can get March Hare to
sort it out for you ;-)


Helpfully,
Maybe,
Richard.

 

-----Original Message-----
From: cvsnt-bounces at cvsnt.org [mailto:cvsnt-bounces at cvsnt.org] On Behalf
Of bwhicks at aep.com
Sent: 20 October 2006 16:18
To: cvsnt at cvsnt.org
Subject: Re: [cvsnt] linux host, and ACLs

cvsnt-bounces at cvsnt.org wrote on 10/20/2006 10:57:51 AM:

> Use :pserver: (or whatever) to access localhost. Use file-level ACLs
to 
keep
> your users out... only allow the cvsnt service to read/write the
> repository.
> 
> > 
> > I believe, as Gerhard suggests, the file system ACLs are required.
> > Perhaps even as far as running the CVS server as another user
> > (in Unix terms, as a "SETUID" application) which does have
> > access to the repository.
> 
> That's the simplest solution.

no, the simplest solution is to not use a "server" at all. :local: is
the 
simplest solution, and you don't have to worry about firewalls, services

running as UIDs, or making sure services are running while users are 
trying to do cvs operations. It's all local. 

Brian
_______________________________________________
cvsnt mailing list
cvsnt at cvsnt.org
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt


More information about the cvsnt mailing list