info-cvs

Re: how to implement user level security in cvs ?


From: Noel Yap
Subject: Re: how to implement user level security in cvs ?
Date: Tue, 14 May 2002 07:28:19 -0700 (PDT)

Given:
1. CVS recreates (i.e. copies and removes) the archive
file each time there is a checkin.
2. CVS, by default, creates locks within the repo
directory.  The location of the locks can be
configured by setting LockDir within CVSROOT/config.
3. A user can create and remove files within a
directory if and only if (iff) that user has write
permissions to that directory.
4. A user can use a directory iff that user has
execute permissions to that directory.
5. A user can modify a file iff that user has write
permissions to that file.

Therefore:
1. A user will need repo file and directory read
permissions to checkout/checkin a file.
2. A user will need repo directory write permissions
to checkin a file.
3. It is safer if a user did not have repo file write
permissions.

Given:
1. Default ACLs cannot tell the difference between
directories and files.
2. Repo directory permissions need to be treated
differently from repo file permissions.

Therefore:
1. A loginfo script will need to reset file ACLs for
each commit.  It will also need to set ACLs on new
elements.  Typically, this setting is a combination of
inheritance from the parent directory for ACL users
and groups and read permissions, files are never
writable, files may need to be executable, and
directories are always writable and executable.

Noel

--- Muhammad Shakeel
<address@hidden> wrote:
> Dear Noel yap,
> AOA
> 
> Sorry I am asking a question related to a little older thread in the mailing
> list. I implemented ACLs at the directory level as was suggested, and did not
> implement them on files. But what is the reason that it is not recommended? If
> a user has permission on a folder but not on a file then he cannot
> check out the code.
> 
> Can you please also recall to tell me what is required to do in the loginfo
> file in this case?
> 
> 
> Regards,
> shakeel
> 
> 
> Noel Yap wrote:
> 
> >The answer is a little trickier than this, actually.
> >
> >I remember having to put something in loginfo so that
> >ACLs would get properly created from the directory
> >(default ACLs aren't appropriate here since you
> >probably don't want the directory's execute and write
> >bits to be inherited by the files).
> >
> >Noel
> >--- gabriel rosenkoetter <address@hidden> wrote:
> >
> >>On Thu, Apr 18, 2002 at 09:28:38PM +0500, Muhammad Shakeel wrote:
> >>
> >>> Can i use solaris access control list ? Is cvs works fine when using acl ?
> >>
> >>Yes.
> >>
> >>(Think about this logically: cvs is run as the user performing the
> >>action. Therefore, it can only affect a file in a given way if the
> >>user has permission to do so.)
> >>
> >>Beware ownership changes of files, though. (And note that you
> >>probably don't want to use ACLs on files anyway, you want to use
> >>them on directories.)
> >>
> >>-- 
> >>gabriel rosenkoetter
> >>address@hidden
> >>
> 
> -- 
> Regards,
> 
> Muhammad Shakeel
> Streaming Networks (Pvt.) Limited
> House 8, St. 31, F-7/1
> Islamabad - 44000, Pakistan
> 
> Talk:  +92-51-2823585, +92-51-2275589
> Fax:   +92-51-2820832
> Email: address@hidden
> Web:   streaming-networks.com
> 
> 
> 
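
The ACL derivation Noel describes for the loginfo script (inherit ACL users, groups and read bits from the parent directory; files never writable, executable only when needed; directories writable and executable), sketched as an added example that is not part of the original message. It assumes ACL entries in getfacl-style text; `derive_acl`, `sample_dir_acl` and the sample entries are constructed for illustration, and giving `---` to entries that lack read access is an assumption.

```shell
#!/bin/sh
# Added example: derive the ACL for a repo element from its parent directory's ACL.
# Usage: derive_acl KIND < parent_acl    (KIND: file | exec | dir)

derive_acl() {
    awk -F: -v kind="$1" '
        { sub(/[ \t]*#.*$/, "") }              # drop header lines and effective-rights notes
        $0 == "" || /^default:/ || NF < 2 { next }
        {
            prefix = $1                        # tag and qualifier, e.g. user:alice
            for (i = 2; i < NF; i++) prefix = prefix ":" $i
            if (substr($NF, 1, 1) != "r") perm = "---"   # assumption: no read, no access
            else if (kind == "dir")       perm = "rwx"   # directories: writable + executable
            else if (kind == "exec")      perm = "r-x"   # executable files keep x
            else                          perm = "r--"   # files are never writable
            print prefix ":" perm
        }'
}

# Constructed sample: ACL of a repo directory, as getfacl-style text.
sample_dir_acl() {
    cat <<'EOF'
# file: project
# owner: cvs
user::rwx
user:alice:rwx      #effective:rwx
group::r-x          #effective:r-x
group:dev:rwx       #effective:rwx
mask:rwx
other:---
default:user::rwx
EOF
}

# Show the entries a plain (non-executable) committed file would receive.
sample_dir_acl | derive_acl file
```

Feeding the output to the platform's `setfacl` from the loginfo hook is left out because the invocation differs between Solaris and Linux.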

