| 1 |
On 09/30/2011 07:59 PM, Grant wrote: |
| 2 |
> |
| 3 |
> Thanks for that. I haven't thought it all the way through, but if |
| 4 |
> Unix ownership and permissions aren't granular enough and subversion's |
| 5 |
> path-based authorization won't work, I will need to use ACLs. I think |
| 6 |
> both subversion's path-based authorization and Unix |
| 7 |
> ownership/permissions would be simpler to implement and maintain than |
| 8 |
> ACLs so I'm hoping it doesn't come to that. |
| 9 |
> |
| 10 |
|
| 11 |
ACLs really aren't as bad as they look at first. They work just like |
| 12 |
permissions on Windows, which are one of the few things it does right. |
| 13 |
My example is made much more difficult because /var/www contains |
| 14 |
directories writable by other customers. |
| 15 |
|
| 16 |
I know *my* config.php files are chgrp apache and chmod 660, but I don't |
| 17 |
expect everyone else to be so careful (and they shouldn't have to be). |
| 18 |
|
| 19 |
If you are going to go the version control route, I would suggest |
| 20 |
setting up a new repository with only the code that he will be working |
| 21 |
on. You can use a post-update script (or whatever svn calls them) on the |
| 22 |
server to pull his code into production. He doesn't need to access the |
| 23 |
files directly. |
Archives