[cvsnt] Re: Administrative file perms in checkoutlist
Glen Starrett
grstarrett at cox.net
Sun Aug 1 20:57:01 BST 2004
Tony Hoyle wrote:
> Glen Starrett wrote:
>
>>
>> When I check out the files normally the exec is set properly too.
>> It's just when the admin files are rebuilt that it doesn't set the
>> perms. Same thing happens for .pl or no extension files.
>>
> Hmm we deliberately don't honour permission bits in CVSROOT (partly
> because of the problems it caused on some NT machines and partly because
> it adds an extra layer of security - if you can't checkin an executable
> script it's harder to do nasty things with the server).
>
> Perhaps we need a flag in config to enable this where required.
>
> Tony
Is this something that is automatic with 'traditional' CVS? I've been
searching but haven't found any indication of it as an issue, so I
presume it is. Without some way of managing it through CVS, I'm stuck
manually chmodding my CVSROOT after I commit any admin files :(
I would guess that something added to the checkoutlist should be OK,
especially since you should really have the directory perms locked down
or an admin file set up (or both).
BTW: Does the admin file only work to restrict administrative commands,
or does it deny writing to CVSROOT as well? There's no reference that I
can find to the CVSROOT admin file in the cvsnt.org/manual.
--
Glen Starrett
More information about the cvsnt
mailing list