For those who are using cvs-acls.pl for access control will find that cvs-acls.pl has no use against "cvs import", since "cvs import" does not require commit at all and commitinfo(and so as cvs-acls.pl) never get called. You may receive complaint about conflicts on existing files but new files or directories will just bypass cvs-acls.pl and go straight to the main branch (and 1.1.1 branch). As import can handle many files at once, it may hard to recover this if you just "accidentally" call "cvs import".
I found there was a patch get posted a few years ago http://savannah.nongnu.org/patch/?4441 http://savannah.nongnu.org/patch/?4441 , it adds checking like commitinfo for "cvs import" but never make it to the mainline of CVS. readers/writers files seem to be the only thing that can stop "cvs import" but its use is very restrictive (that is why we use cvs-acls.pl at the first place) Any thought you can share about better access control the CVS repository? -- View this message in context: http://www.nabble.com/cvs-acls.pl-cannot-stop-%22cvs-import%22-tp17071532p17071532.html Sent from the Gnu - Cvs - Info mailing list archive at Nabble.com.
