[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: preliminary ACL support in cvs-nserver
From: |
Alexey Mahotkin |
Subject: |
Re: preliminary ACL support in cvs-nserver |
Date: |
Sun, 30 Sep 2001 13:52:34 +0400 (MSD) |
>>>>> "GAW" == Greg A Woods <address@hidden> writes:
GAW> Do you understand the unix filesystem security model, especially
GAW> as it applies to CVS? I think not. There is no safe way to
GAW> implement per-file ACLs without doing them in the filesystem.
GAW> I think you are fooling yourself with false security.
GAW> In addition the whole concept of per-branch ACLs also suffers the
GAW> very same weaknesses that the current "cvsadmin" feature does.
Of course, ACLs are checked only in server-mode.
--alexm