![]() (To be fair, version control in some sense inherently requires participants to trust one another, since each one checks in code which the others usually just compile and run. Added to that, there's the question of scripts in CVSROOT (run under each client's UID, so that they can't impose dependable restrictions because hacked clients can bypass them, and conversely if anyone manages to check in a malicious script then all clients will start running it under their own UIDs and propagating malware) and then there's the issue of needing write permission in a directory to read it (although this can be fixed by correct repository administration, i.e. Now just occasionally you do actually want to do things like that (suppose you accidentally checked your password file into a repository, for example – you really would want to remove it from your CVS history, perhaps with a marker explaining what you'd done, rather than just checking in a subsequent change that deleted it) but it certainly isn't clear that allowing all users unrestricted access to do things like that is what you want to do. To allow a user to commit to a particular directory, you have to give them write permission on the whole directory, so there's nothing to stop them rewriting history: deleting or editing old revisions, altering log messages, etc. I'm pretty finicky about security, because I maintain a security product and can't really afford to cut corners on the repository where its code is going to be stored.ĬVS's security model is just awful. ![]() The article is just an attempt to share my experiences: things to watch out for, how to get the most out of Subversion, that sort of thing. ![]() In general, I have found Subversion to be linearly superior to CVS and I certainly don't regret migrating to it. He was probably expecting something more like a couple of paragraphs, but I thought, hey, why not do the job right? :-) This took a fair amount of thought and effort to do well, and shortly afterwards I was asked by a colleague if I could write something about my experiences. Until November 2004, all these projects were stored in CVS, along with probably 90% of the other free software in the world. I maintain a variety of published projects, ranging from fairly major things like PuTTY to tiny little Unix utilities and I have almost as wide a variety of unpublished projects as well, ranging from half-finished major programs to my personal. When I'm not at work, I'm a free software developer. It is developed as a free software project of the Apache Software Foundation.My Experiences With Subversion My Experiences With Subversion Costs are proportional to change size, not data size.Natively client/server, layered library design with clean APIs.Apache network server option, with WebDAV/DeltaV protocol.Branching and tagging are cheap (constant time) operations.Free-form versioned metadata (“properties”). ![]() Copying, deleting, and renaming are versioned.The main features of Apache Subversion are: Subversion (svn) exists to be recognized and adopted as a centralized version control system characterized by its reliability as a safe haven for valuable data the simplicity of its model and usage and its ability to support the needs of a wide variety of users and projects, from individuals to large-scale enterprise operations.
0 Comments
Leave a Reply. |