WHGIII wrote:
>My other thought was to operate CVS via e-mail and use PGP for
>authentication and encryption. This seems a slower and less optimal means
>of checking in and out source code but security is a primary goal. Do you
>know if anyone has written an e-mail interface for CVS or will I need to
>write some scripts? :)
FreeBSD has CTM, see http://www.freebsd.org/handbook/synching.html#CTM.
I don't think it does pgp, but it's a start, I guess.
>I am rather surprised that no one has looked into providing the type of
>functionality I outlined in my previous message to SSH.
>From my cursory reading of the I-D's, it should be easier to do this
in ssh2.
You mentioned that "security is a primary goal," but you aren't root
on your intended CVS host. If you trust root (and vice versa) already,
just ask root to do some root stuff (like make you a sudo to create
severely restricted accounts) to facilitate your work.
IMO, to give various people access to one account and to try to restrict
what each can do with that account is creating unnecessary work for oneself.
(And root might revise its trust in you if s/he catches on.) Use one account
per person and let the OS/sysadmin take care of the restrictions.
