[19874] in Athena Bugs
Re: cvsadmin group
daemon@ATHENA.MIT.EDU (John Hawkinson)
Fri Oct 5 19:20:19 2001
Date: Fri, 5 Oct 2001 19:20:16 -0400
From: John Hawkinson <jhawk@MIT.EDU>
To: Garry Zacheiss <zacheiss@MIT.EDU>
Cc: golem@MIT.EDU, bugs@MIT.EDU, gnu@MIT.EDU
Message-ID: <20011005192016.D23491@multics.mit.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200110052313.TAA09170@brad-majors.mit.edu>
Garry Zacheiss <zacheiss@MIT.EDU> wrote on Fri, 5 Oct 2001
at 19:13:17 -0400 in <200110052313.TAA09170@brad-majors.mit.edu>:
> If you have further comments to add, I'd appreciate it if they
> addressed my proposal to make the cvs in the gnu locker not check for
> the user being a member of the cvsadmin group.
"Duh." This is clearly a no-brainer and a correct thing to do. I did
not think it necessary to say so.
Other comments follow in a postscript.
I'm sorry for choosing the word "stupid," a better, less inflammatory phrasing
might have been, "unwise."
--jhawk
�
postscript:
> I don't classify this as "stupid"; it's not unreasonable for
> centrally maintained services to claim certain special entries in the
> namespace for their own use.
It is unreasonable for such a service to choose a special entry in the
namespace that is already treated specially by a widely used piece of
software.
It should not be the case that, if someone builds their own version of
CVS in their own locker, it will then break when they login to a dialup,
just because someone who is on some moira group should happen to login
to that dialup.
In the perfect world, software should not use such special groups by
default.
In the next-to-perfect world, we would notice when such software exists
and gains the momentum of use, and reserve the moira group.
But never does it make sense for us to intentionally create a moira
group that will screw users.
If Ops wants to run a service with the blessing of moira, IMO a much
better idea is to use a group named something other than "cvsadmin".
What the name is doesn't matter, as long as it's not special-cased by
default in a popular tool.
> It's also irrelevant, since the cvsadmin moira group is in active use
> and isn't going anywhere.
If you believe that comments on past errors non-trivially correctable
are irrelevent, then this is true. I do not so-believe.
This should be a reminder to avoid letting this happen in the future,
and to be careful when creating special entries in the central namespace.
It's a problem for CVS, it's been a problem for usenet & news, I suspect
it is a problem for other things, too.
--jhawk
