[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: FESco meeting summary for 20090507



Bill Nottingham wrote:
> Toshio Kuratomi (a badger gmail com) said: 
>> One thing that was mentioned was the lack of fs acls at the moment.
>> After looking at what we have now, I'm not sure that fs acls fix
>> anything that's not also broken currently.
>>
>> Currently:
>>
>> * the cvs repository has no fs acls
>> * unix group for all directories is set to packager with a sticky group bit.
>> * the cvs acl script limits who can actually commit to packages to
>> @provenpackager and the specific people involved.
>>
>> Implementation-wise, the proposal would allow the cvs acl script to have
>> @packager as another allowed group so people who are just in the
>> packager group can commit to a specific package.
>>
>> I can see fs acls being used to lock down our repo against bugs in the
>> cvs acl script or being used to replace the cvs acl script.  But that
>> seems to be somewhat separate from the proposal.  I don't think it would
>> solve anything specific to the proposal but could make things more
>> secure for both the current and proposed method.
>>
>> notting, do you see something that I don't?
> 
> You *could* swap the permissions so that all packages are only
> provenpackager-writable, and implement packager (and owner) access
> via FS acls.
> 
> Whether that scales or not is another matter.
> 
As long as the fs can record enough accounts I think this would scale
fine.  In terms of resources used, I'd imagine that it would be better
for us as we could theoretically stop using the cvs acl script and rely
solely on the filesystem to do the acl checking.

-Toshio

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]