Access Control in CVS

This page is about controlling the access which various users have to a CVS repository, with a focus on short-term solutions using existing tools. For more ideas on how CVS might be enhanced, see our Development of CVS: access control page.

The current mechanisms basically are as follows. For details on each one see the Cederqvist manual.

• The CVSROOT/readers file provides a way to designate users as read-only. For example, one would use this to provide anonymous CVS on the internet. As far as is known, it provides protection against people who are trying to circumvent it.
• The commitinfo file is one of the most powerful access control mechanisms available to CVS. For example, one can build access control lists via this hook. It only provides protection against casual or accidental violations; determined users will be able to circumvent it.
• The "cvsadmin" group can control the ability to run the "cvs admin" command. It only provides protection against casual or accidental violations; determined users will be able to circumvent it.
• Setting the operating system's file permissions of files in the repository is pretty much an all-or-nothing thing. Users will need write access to the repository to write to the repository, but also to read it (because CVS needs to create lock files). However, on an all-or-nothing level, this can be useful (see for example the CVSUMASK feature).

For more information

SDSS-CVS is an add-on to the CVS server (specifically, it sits between rshd and cvs). It is described in a page from Fermilab, and offers additional access controls beyond those provided by CVS.

Our security page is more concerned with making sure that only authorized users access CVS, rather than controlling what users can do once they are in.