-----BEGIN PGP SIGNED MESSAGE-----
In <[EMAIL PROTECTED]>, on 06/14/99
at 08:43 AM, [EMAIL PROTECTED] said:
>You mentioned that "security is a primary goal," but you aren't root on
>your intended CVS host. If you trust root (and vice versa) already, just
>ask root to do some root stuff (like make you a sudo to create severely
>restricted accounts) to facilitate your work.
>IMO, to give various people access to one account and to try to restrict
>what each can do with that account is creating unnecessary work for
>oneself. (And root might revise its trust in you if s/he catches on.) Use
>one account per person and let the OS/sysadmin take care of the
>restrictions.
Well it's an issue of who has to do the work. I don't have a problem
spending the time to manage access to the CVS repository, my ISP on the
other had would. This extends to other apps also. I may want to restrict
ftp access to a group of files under my shell account. Or I might want to
have restricted web pages. It seems more of an effort to be setting up OS
level user accounts for a single application access control. It would be
nice if in linux one could set up sub-groups & sub-accounts, it would
simplify matters.
- --
- ---------------------------------------------------------------
William H. Geiger III http://www.openpgp.net
Geiger Consulting Cooking With Warp 4.0
Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html
Talk About PGP on IRC EFNet Channel: #pgp Nick: whgiii
Hi Jeff!! :)
- ---------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i OS/2 for non-commercial use
Comment: Registered_User_E-Secure_v1.1b1_ES000000
Charset: cp850
wnUDBQE3ZJoj0fdTsSGZnTUBAQIeAv9HpKzX0RdftNyh8h2DnRQ3gZ5y+UBB0uim
1bhkOnXrCIZqut+E08Pk8/0eDDLJ5rG/6bO6u/p6lQKooOzcOcQbkpcUuRo1Yjry
ZMMQhz4xv4OVNF6XToJUy5hS0w/ak/o=
=pTbs
-----END PGP SIGNATURE-----
