[ On Thursday, September 27, 2001 at 03:04:22 (+0400), Tobias Brox wrote: ]
> Subject: Re: CVS access control
>
> I'd say it would even be better off without password authentication at all
> (and use pserver only where public access is wanted).
Me too! :-) [[ PLEASE!!!! ]]
> Sorry for beeing unclear. pserver and ssh does the authentication (who are
> you?). When I say "access control", I'm thinking of authorization (who
> should be able to do what). I do think that authentication is out of the
> scope of CVS (ok, pserver _is_ already a part of CVS ... but anyway ...).
CVS is not a security tool -- it simply manages a bunch of files. You
do not want to even think about trying to make CVS into a security tool
-- that would be bad design and any implementation would inevitably be
doomed to ultimate failure since it could not, by definition, meet the
design goals.
I.e. CVS has no business doing anything related to access control,
authentication, authorisation, or anything related.
Use your OS to implement security policy and CVS will (have to) honour
your policy -- why make it any more complicated than that, since that's
all that's really necessary.
--
Greg A. Woods
+1 416 218-0098 VE3TCP <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
Planix, Inc. <[EMAIL PROTECTED]>; Secrets of the Weird <[EMAIL PROTECTED]>
_______________________________________________
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs
