From: Pandu Poluan <pandu@poluan.info>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] {OT} Development framework with access restriction?
Date: Sat, 1 Oct 2011 12:58:42 +0700 [thread overview]
Message-ID: <CAA2qdGW=5XKkuDxv=ZtAF8jxbfr_qOK_OhfoUS+Trrs18bLuug@mail.gmail.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 1682 bytes --]
On Oct 1, 2011 7:26 AM, "Michael Orlitzky" <michael@orlitzky.com> wrote:
>
> On 09/30/2011 07:59 PM, Grant wrote:
> >
> > Thanks for that. I haven't thought it all the way through, but if
> > Unix ownership and permissions aren't granular enough and subversion's
> > path-based authorization won't work, I will need to use ACLs. I think
> > both subversion's path-based authorization and Unix
> > ownership/permissions would be simpler to implement and maintain than
> > ACLs so I'm hoping it doesn't come to that.
> >
>
> ACLs really aren't as bad as they look at first. They work just like
> permissions on Windows, which are one of the few things it does right.
> My example is made much more difficult because /var/www contains
> directories writable by other customers.
>
> I know *my* config.php files are chgrp apache and chmod 660, but I don't
> expect everyone else to be so careful (and they shouldn't have to be).
>
> If you are going to go the version control route, I would suggest
> setting up a new repository with only the code that he will be working
> on. You can use a post-update script (or whatever svn calls them) on the
> server to pull his code into production. He doesn't need to access the
> files directly.
>
+1 on production server pulling from $VCS.
I'm currently assisting a friend of mine, who's the CEO of a business
incubator. In order to force them startups to use the $VCS, we require them
to first commit their codes to the $VCS, then have a script pull the newest
version into production.
At first, they whined. Oh, how they whined! But after the $VCS saved their
bacons many times, now they're firm believers in version control :-)
Rgds,
[-- Attachment #2: Type: text/html, Size: 2073 bytes --]
next reply other threads:[~2011-10-01 6:00 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-10-01 5:58 Pandu Poluan [this message]
-- strict thread matches above, loose matches on Subject: below --
2011-09-26 20:01 [gentoo-user] {OT} Development framework with access restriction? Grant
2011-09-26 21:37 ` Michael Orlitzky
2011-09-27 11:27 ` Mick
2011-09-29 1:18 ` Grant
2011-09-29 2:23 ` Grant
2011-09-29 6:57 ` Jonas de Buhr
2011-09-29 7:32 ` Mick
2011-09-30 23:53 ` Grant
2011-10-01 11:07 ` Florian Philipp
2011-10-01 23:27 ` Grant
2011-10-02 22:41 ` Mick
2011-10-03 22:01 ` Grant
2011-10-03 22:12 ` Michael Mol
2011-09-29 8:13 ` Neil Bothwick
2011-09-29 17:23 ` Michael Orlitzky
2011-09-30 23:59 ` Grant
2011-10-01 0:23 ` Michael Orlitzky
2011-10-01 23:46 ` Grant
2011-10-02 19:04 ` Michael Orlitzky
2011-10-03 21:54 ` Grant
2011-10-03 22:00 ` Michael Mol
2011-10-04 4:25 ` Michael Orlitzky
2011-09-27 12:19 ` Jonas de Buhr
2011-09-29 1:23 ` Grant
2011-09-29 6:43 ` Jonas de Buhr
2011-09-30 23:50 ` Grant
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAA2qdGW=5XKkuDxv=ZtAF8jxbfr_qOK_OhfoUS+Trrs18bLuug@mail.gmail.com' \
--to=pandu@poluan.info \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox