Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.
Hello, Bo Berglund <bo.berglund at telia.com> writes: > On Wed, 26 Apr 2006 21:22:48 +0530, "Soneji, Ketan" > <ksoneji at inteqnet.com> wrote: > >my CVSROOT/config file has the entry: > >AclMode=compat > > I have understood it like this: the way chacl works is to by default > give full access. Then each additional acl you set will be added on > top of that. > So if you want to finetune the access then the first thing you need to > do is deny access to all and then gradually build up from that. > Has been discussed a number of times the last few months so you should > be able to search the archives... Bo's response is especially true for AclMode=compat. If you want to explicitely give access there is AclMode=normal. This results in the above mentioned default-deny. It depends on the point of view, but this is the way ACL's work in most other contexts. AclMode=compat is there - as it's name suggests - for compatibility reasons and it's useful in most situations, where detailed acess control is not necessary. So if you plan to setup custom ACL's from scratch it may be a good idea to use AclMode=normal as a base. Best regards, O. Koltermann