[ On Saturday, April 8, 2000 at 12:48:59 (+0200), Eivind Eklund wrote: ]
> Subject: Re: Cannot commit as root
>
> Seriously: There are cases where using CVS as root makes very good
> sense. For instance, at my employer, there are basically four roles
> we have for machines where it might be relevant to run CVS:
> 1. Workstation for a developer
> 2. Development test box for one of our own systems
> 3. Production box for one of our own systems
> 4. Development test box for the OSen we run
Workstation or not, development test box, or not, it's critical that
accountability be maintained, especially with a central CVS repository.
The superuser is never accountable, at least not on a POSIX system.
BTW it doesn't really matter if you or any other specific person feels
that accountability is necessary in your own immediate situation or not.
This isn't the kind of thing that can be turned on and off in specific
situations with a generically available switch since the very act of
turning it on or off can indeed be what leads to the loss of security.
If you think it's OK in your situation to never have any accountability
in your CVS repository then you are more than welcome to maintain a
private change that makes it possible for the superuser to do commits.
However don't expect that patch to be integrated into the main-line
sources. :-)
--
Greg A. Woods
+1 416 218-0098 VE3TCP <[EMAIL PROTECTED]> <robohack!woods>
Planix, Inc. <[EMAIL PROTECTED]>; Secrets of the Weird <[EMAIL PROTECTED]>
