new features in package CVS

Adam Jackson ajackson at redhat.com
Wed Jan 31 14:46:39 UTC 2007


On Wed, 2007-01-31 at 09:45 -0500, Dan Williams wrote:
> On Tue, 2007-01-30 at 15:48 -0800, Peter Gordon wrote:
> > Bill Nottingham wrote:
> > > To add an ACL to your package, add a 'pkg.acl' file to either
> > > the package toplevel, or to a particular branch, such as FC-6
> > > or devel. ACLs are inherited; branches will inherit ACLs from
> > > the toplevel.
> > >
> > 
> > Is this ACL for CVS access only, or also for build submissions?
> 
> For build submissions, it would seem fairly easy to have the build
> system check the pkg.acl from its pristine pkgcvs checkout and ensure
> that the job owner is listed in the pkg.acl file, and otherwise fail the
> job.  That's not as ideal as a real accounts system, since the buildsys
> would have to do some work before it could check the ACL, but it ensures
> that a build not requested by one of the owners would not be allowed.
> 
> Those in the job_admin group might still be allowed to build any
> package, like they can kill/requeue/finish any job already.  Thoughts?

On the one hand I like the idea of anyone being able to handle trivial
rebuilds.  On the other this gives the opportunity for anyone in the
BuildRequires path to potentially inject something malicious into your
program, but they pretty much have that anyway.

So I think overall it's better to leave the ACL as CVS only.

- ajax




More information about the Fedora-maintainers mailing list