On Sat, Feb 07, 2004 at 01:27:13AM +0100, Osamu Aoki wrote:
> By the way, does anyone used script cvs_acls explained below.
>
> https://sourceforge.net/docman/display_doc.php?docid=772&group_id=1#docscvsacls
>
I am not very familiar with CVS but this looks interesting.
I did some research on cvs_acls. It is found in contrib of cvs package
/usr/share/doc/cvs/contrib/cvs_acls.gz. This looks like nice script to
control the write access to the CVS archive.
We can set access control to files using perl regrex expression, if I
understood it right. For example we can easily set policy such as the
guest users '.*-guest$' will not be allowed to commit any files matching
'.*\/Makefies$', '.*\/makefies$', '.*\/GNUmakefile$', and '.*\/bin\/.*'
just for HEAD branch with 4 line entries to the CVSROOT/avail file.[*1]
This will make it very easy for me since most of fancy build scripts in
debian-reference have been written by the non-DD "jens-guest".
So by limiting only HEAD branch, it will be quite easy to communicate
with him over cvs for the details of script while HEAD can only hold
proofed scripts.
Osamu
[*1] This may not be enough to prevent the script attack for some
sources.
Attachment:
signature.asc
Description: Digital signature