Derek Price wrote:
Jim Hyslop wrote:
One thing I didn't see in the discussion (maybe I missed it) is: why
is this feature desirable? What are the benefits of it? (I have some
ideas, but I'm going to play dumb here [smart remarks > /dev/null] :=)
You were looking for more than: "CVS does not provide verification of
past revisions of files. Attackers with access to a CVS repository could
replace file contents or add new revisions apparently from a project
member without users noticing on checkout."
Sorry, my background as a corporate developer is showing through. I was
thinking just in terms of a corporate repository, not something as large
and complex as Savannah or Sourceforge. Now I see, thanks.
--
Jim
_______________________________________________
Bug-cvs mailing list
[email protected]
http://lists.nongnu.org/mailman/listinfo/bug-cvs
