|
|
Subscribe / Log in / New account

wish: better access control

wish: better access control

Posted Sep 16, 2005 22:24 UTC (Fri) by dann (guest, #11621)
Parent article: Mercurial: an alternative to git

One thing that seems to be missing in all the new VCS is access control.
(Well, openCM has it but it does not seem to be developed anymore).

I would be nice to be able to specify fine grain permissions to a VCS.

Here are some example use cases:
- some random people decide to work together on a project, it would be nice to be able to access the server without having to create a UNIX account, set up a webserver...
- restricting access to some files/directories - for example people doing just translations don't need to have access to the code (just to minimize accidents).
- restricting access to a branch - for security related branches, when a problem is discovered and before it is fixed, just a few select people need to know about it
- enforce a freeze before a release: the release manager can just make the branch read-only

to post comments

wish: better access control

Posted Sep 17, 2005 23:03 UTC (Sat) by kevinbsmith (guest, #4778) [Link] (5 responses)

Distributed VCS automatically gives developers the ability to work effectively without accounts on a central server. That means that contributors can work on whatever they want, with no risk of damaging the official tree.

In several distributed VCS systems, a branch is a directory. In that case, it's pretty easy to control access, including marking the whole branch as readonly.

Distributed VCS is really a whole new paradigm, and it takes a while for most people to even start to understand how to use this new tool effectively. It's not appropriate for all projects, but personally I think it is a big improvement for most FLOSS projects (where potential contributors may not be trusted yet), and for many/most projects of any kind where the developers are geographically distributed.

wish: better access control

Posted Sep 18, 2005 6:23 UTC (Sun) by dann (guest, #11621) [Link] (4 responses)

The fact is that when multiple people work on the same project their work
must be somehow merged together in a single place. If more than one person
has write access to that place, then it would be nice to have a way to control access.

wish: better access control

Posted Sep 18, 2005 14:26 UTC (Sun) by man_ls (guest, #15091) [Link] (2 responses)

I think the way to go in that case would be to have a "team leader" that picks the relevant changes from everyone and applies them to her own tree. So no need to have access control there. But maybe you are thinking of a different scenario.

wish: better access control

Posted Sep 18, 2005 15:40 UTC (Sun) by dann (guest, #11621) [Link] (1 responses)

Having a single leader that applies all the changes is simply NOT the way
a lot of (probably most) software is developed. Allowing more that one person to make changes is very important.

wish: better access control

Posted Sep 18, 2005 16:40 UTC (Sun) by man_ls (guest, #15091) [Link]

It is not how software is developed nowadays, but simply because we use the old paradigm of "single repository -- multiple branches". If we switched to a new distributed paradigm, where a developer publishes her changes and a leader imports them in order to make a version, these new tools would become indispensable. But don't you think that applying the old way of thinking to the new source management model would just add needless complexity?

wish: better access control

Posted Sep 22, 2005 18:39 UTC (Thu) by bos (guest, #6154) [Link]

Merging work and write access are orthogonal concepts.

Here's how merging works in a distributed SCM.

You publish your changes somewhere, and tell me. I pull them over, and merge my changes in. I publish the merged result, and tell you. You pull the results of the merge.

Now we both have your changes and mine, but at no point did either of us have write access to the other's storage.

Another way of approaching the issue: we both have write access to a shared server. However, in many systems, we can't push changes to the server without merging first, so the server cannot get into a messy unmerged state.

wish: better access control

Posted Sep 21, 2005 11:08 UTC (Wed) by droundy (subscriber, #4559) [Link] (1 responses)

I consider this an advantage of the new VCS (looking from a different perspective). By avoiding
integration of "user accounts" into the VCS itself, you can choose between any of the existing
systems that you already use for user authentication---unix groups, sudo, ssh public key
authentication, gpg signatures. This doesn't give the fine-grained control that you'd like, but I
don't really see a pressing need for that.

David

wish: better access control

Posted Sep 22, 2005 18:59 UTC (Thu) by Omnifarious (guest, #19508) [Link]

I've come to the conclusion that in a distributed SCM, fine grained access control and permissions management shouldn't be a design goal. There are better and easier ways of achieving the same results with a distributed SCM.

What should be a design goal is clear ownership of a patch or changeset, and that can easily be accomplished in most such systems with digital signatures.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds