Securing Your Projects
The security of your projects relies on the security of your CVS repository, the repository’s computer and its environment, all the computers that contain sandboxes, your access method, your backup storage, and your developer’s working environments. The security of access methods is covered in Chapter 8. General computer security is outside the scope of this book, but you should consider it when securing your repository.
Sandboxes are checked out of the repository with the username of the user who creates them or does the checking out. If the client’s computer has a group that matches the group ownership of files in the repository, files in the sandbox are usually stored with that group ownership.
Permissions in a sandbox depend on the settings for new files in the
sandbox computer’s operating system, on whether the
user has the CVSREAD environment variable set,
and on whether the files are being watched with the cvs
watch commands. If a file is imported or added as
executable, it is set as executable in the repository and the
executable setting is preserved in the sandboxes. The
CVSREAD environment variable is described in
Section 6.10, later in this
chapter.
Repository security is more complex than sandbox security, and it is based on the filesystem security for the operating system that the repository is running under. The specific instructions in this section are based on traditional Unix and Linux filesystem permissions, but the principles can be used ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access