On Sat, Feb 07, 2004 at 01:27:13AM +0100, Osamu Aoki wrote: > By the way, does anyone used script cvs_acls explained below. > > https://sourceforge.net/docman/display_doc.php?docid=772&group_id=1#docscvsacls > I am not very familiar with CVS but this looks interesting. I did some research on cvs_acls. It is found in contrib of cvs package /usr/share/doc/cvs/contrib/cvs_acls.gz. This looks like nice script to control the write access to the CVS archive. We can set access control to files using perl regrex expression, if I understood it right. For example we can easily set policy such as the guest users '.*-guest$' will not be allowed to commit any files matching '.*\/Makefies$', '.*\/makefies$', '.*\/GNUmakefile$', and '.*\/bin\/.*' just for HEAD branch with 4 line entries to the CVSROOT/avail file.[*1] This will make it very easy for me since most of fancy build scripts in debian-reference have been written by the non-DD "jens-guest". So by limiting only HEAD branch, it will be quite easy to communicate with him over cvs for the details of script while HEAD can only hold proofed scripts. Osamu [*1] This may not be enough to prevent the script attack for some sources.
Attachment:
signature.asc
Description: Digital signature