Re: [RFC Draft] ACL in CVS proposal
Brought to you by:
tyranny
Menu
▾
▴
Re: [RFC Draft] ACL in CVS proposal
|
From: <mo...@no...> - 2001-08-18 05:28:18
|
08/18/2001 02:02:28 AM minyard wrote: >I'm copying the mailing list, since I assume you meant to send it >there, too. Ok, thanks. My comments are below. >If it's the same directory hierarchy, then the different directories >that house the different scripts can have different permission. And >I'm not against per-file permissions, I'm pointing out that it will be >the exception, not the rule; keeping that in mind can simplify the >design and improve the user interface. Maybe you're right. >> Should it be 'module administrators'? Or maybe it would be useful to add >> another type of action on ACL: 'allow to modify ACL [for a particular >> file/module/branch/etc]?' >If you are saying that we should allow something more fine-grained >(permission to make branches, permission to change ACLs), that's fine, >I agree that it could be useful; better than a simple owner. Yes, that's exactly what I mean. Yesterday we had an IRC session w/ Alex Mahotkin (sorry, mostly in Russian :-/), generally he agreed to extend list of actions that need to be ACLed and now he works on the new draft. >> Should it be the only person or each module/branch etc can have its own >> administrator? >Someone needs access to the repository with the ability to do >anything, and the verification needs to be done outside the normal ACL >verification (so if the ACLs accidentally get deleted or set wrong, >they can still work on the repository). Well, do you think that should be a superuser inside CVS [repository] (on per-repostitory basis)? Maybe we can just create several small maintainance programs for system administrator (in fact it should be enough to run these programs from within 'repository owner' system account) to perform rescue actions (like ACL recreation etc). I think this would ease and decrease amount of work needed. >I have a separate admin file >in the CVSROOT directory, anyone in that file can do anything to the >repository as if they were the owner. >I can ask some of the people that use my patch for input, or maybe we >can allow them on the mailing list, or maybe we can come up with a >strawman to run by the users to see what they think. My company now performs a poll for our CVS admins, project managers and team leaders on the subject. Probably we'll prepare a resuming document and publish it here. |
