[cvsnt] Re: group file question

bwhicks at aep.com bwhicks at aep.com
Wed Oct 19 19:11:11 BST 2005


So what is the recommended way to administer this? It almost seems like in
order to modify groups/passwords you have to have a shell account on the
box, or at least be able to overwrite the old group/passwd files with sftp
or ftp or some such tool. And unless you do that in conjunction with a cvs
commit, you lose the versioning for it.

Also, you mention that in recent versions that the restrictions are
"relaxed". What exactly does that mean? I thought the version 2.5.02.2099
that I'm using was relatively recent...

It would sure be nice to be able to add group to checkoutlist...

Brian



                                                                           
             Tony Hoyle                                                    
             <tony.hoyle at march                                             
             -hare.com>                                                 To 
             Sent by:                  cvsnt at cvsnt.org                     
             cvsnt-bounces at cvs                                          cc 
             nt.org                                                        
                                                                   Subject 
                                       [cvsnt] Re: group file question     
             10/19/2005 01:15                                              
             PM                                                            
                                                                           
                                                                           
                                                                           
                                                                           




bwhicks at aep.com wrote:
>
> Is this correct? Why?
>
group and passwd are considered security sensitive, so you can't add
them to CVSROOT to avoid people checking them out and getting lists of
active users/administrators (and in the passwd case, possibly their
passwords too).

This is largely historical now that the default permissions for CVSROOT
have been improved, since ordinary users can't even see CVSROOT unless
the administrator lets them.  In recent cvsnt versions the restriction
on passwd & group has been relaxed because of this.

Tony
_______________________________________________
cvsnt mailing list
cvsnt at cvsnt.org
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt





More information about the cvsnt mailing list