[cvsnt] Re: group file question

Tony Hoyle tony.hoyle at march-hare.com
Wed Oct 19 18:15:55 BST 2005


bwhicks at aep.com wrote:
> 
> Is this correct? Why?
> 
group and passwd are considered security sensitive, so you can't add 
them to CVSROOT to avoid people checking them out and getting lists of 
active users/administrators (and in the passwd case, possibly their 
passwords too).

This is largely historical now that the default permissions for CVSROOT 
have been improved, since ordinary users can't even see CVSROOT unless 
the administrator lets them.  In recent cvsnt versions the restriction 
on passwd & group has been relaxed because of this.

Tony



More information about the cvsnt mailing list