Greg A. Woods writes: > Even basic unix security requires proper use of individual system accounts.
Absolutely. No argument there. The issue I was talking about was not authentication, but access control (authorization), using Unix accounts. Authentication using Unix accounts is A-OK. (Use YP, LDAP, whatever..). Authorization, on the other hand, is also still being left to the same mechanism (YP or whatever), which is rather too coarse and inflexible (see the arguments I put forward..) I see that the CVSNT folks are adding CVS-level ACLs (access control lists), using hidden ".perms" and ".owner" files in repository directories that contain files. Should probably take a deeper look at how they implement this, and how it ties to various authentication mechanisms like :pserver: .. -- Shankar. _______________________________________________ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs