[cvsnt] Re: How protect CVSROOT

Tony Hoyle tmh at nodomain.org
Tue Feb 25 21:58:42 GMT 2003


Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.


Zioowo wrote:

> Hi,
> 
> I would like to protect CVSROOT folder in my repository.
> 
> I give NTFS permissions for users (read, read & execute, list folders),
> but clients recieves: "permission danied for history file" and some
> options doesn't work good (for ex. update by tag)
> 
> When I give write permission to CVSROOT all is working good, bur users can
> change my admin files such as config, loginfo, notify ....

Your repository shouldn't be available on a network share - basically hide
it so only administrators can get at it (assuming the users can't log into
the box directly).

If you don't even want anyone to have commit rights you can lock down the
permissions then set LockDir or LockServer appropriately.

Also you can switch off impersonation and only give rights to LocalSystem,
which works in the case that you can't reasonably deny access any other way
(be aware though that this also causes scripts to run as LocalSystem which
may be a security risk).

> CVS: 1.11.1.3 beta 3 (build 44)

That's really ancient...  I'd strongly suggest you upgrade.

Tony



More information about the cvsnt mailing list
Download the latest CVSNT, TortosieCVS, WinCVS etc. for Windows 8 etc.
@CVSNT on Twitter   CVSNT on Facebook