Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: cvs problem



>I noticed that change, too.  Frankly, it struck me as a really bad idea.
>
>I think the only thing to do is to create the group and put yourself in
>it.  Better yet, go into the source and delete the check; it's
>preposterous.
>
>From a security perspective, it's useless, since the cvs command is
>unprivileged and hence can't really enforce any privileges; anyone who
>wants can compile their own copy that deletes that gratuitous check.  It
>assumes that there is only one permission domain for cvs repositories on
>a system, which isn't necessarily true.  (I teach at a university; most
>professors and grad students have their own repositories.  Why should we
>all have to be in the same group?  What benefit is there to anyone?)
>
>I assume that there was some purpose in mind for the check.  For the
>life of me, I can't imagine what it was.

Think server-client. Do you think you can recompile/change the cvs binary
one the server side? Yes, it does not make sense for the local only code...

christos



Home | Main Index | Thread Index | Old Index