> thanx for the reply. But I am curious how so many > projects are handled using CVS. I am sure every > project development team must be implementing > the sort of policy we are looking to implement.
Yes and no. CVS does a couple of things very well and that is it's core strength, and I believe it is a conscious decision NOT to do things that our outside of that scope (its related to the old unix "do one thing well" philosophy). If it is possible to "extend" that with a script then that is added to the contribs directory, where you will find cvs_acls (or something like that) which will help you restrict permissions, eg: read only or read and write. Other (related) projects like CVSNT (free/GPL, runs on unix/linux/windows/mac just like CVS) have a wider aim than just SCM so have a lot more "inbuilt" functions including ACLs (see "cvs chacl"), audit, merge tracking, changesets etc etc. I've personally never seen a SCM tool that has permissions per command, they are always per read/write/tag/control etc. In theory you could write a trigger or a script in the CVSNT Server Precommand trigger since the "command" is passed to that trigger: http://www.cvsnt.org/manual/html/precommand.html However I don't think there would be much security difference between setting these users as "read only" versus "export only". Regards, Arthur Barrett
