> Thanks to Mark, Eric and Larry. > > SO just to summarize, seems I have two options, > > 1.stop nfs method of sharing , use :pserver > > 2. Evenif nfs is used, i need to setid the repository > and cvs > It's simpler than that: don't use NFS and the :local: access method. Just say no. I've been on CVS lists for years now, and I don't remember a single case of repository corruption that didn't involve that. Now, I rather suspect that corruption is rare anyway, but I sure wouldn't take the chance.
So, you have two options, depending on the level of security you want: 1. Stop using NFS, use :pserver:. This has a very low level of security, and should be used only if you trust everybody on the network. (On the one hand, you shouldn't have developers you don't trust, on the other hand most computer fraud and vandalism is perpetrated by insiders.) 2. Stop using NFS, use :ext: with SSH. This has a high level of security, provided you disable actual logins to the machine. Remember to use an ssh agent, or the continual typing of passphrases is going to get very painful. I'm starting to wonder if removing :local: mode might not be a bad thing. It would make things more awkward on single-computer installations (at home I use it on the Linux box, and pserver on the Macs and Windows box), but it would stop people from doing something natural that turns out to be dangerous. -- Now building a CVS reference site at http://www.thornleyware.com [EMAIL PROTECTED] _______________________________________________ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs