The other (counter-) factor is that in large environments, users are often managed through YP or LDAP (and generally from the IT point of view lumped into a few giant groups like "engr" and "users").
These environments are not necessarily paranoid enough to need C2-level security (which is another nightmare to administer), but often do need to implement a coarse level of read/write control over modules for users. Also, even if a finer level of groups were implemented at the YP level, it's then hard to give access to a module to *one* user from an outside group without sticking them into that group at the YP level (and thus opening up that entire group's resources to them, instead of just the one module in the one repository). Independent CVS-maintained repository-level group management and access control is very useful in such environments. David R. Chase wrote: > I suppose it comes down to how you identify actual users, > since the system has to know somehow about who is trying > to access a module in order to allow or deny that access. _______________________________________________ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
