Mailinglist Archive: opensuse-buildservice (251 mails)

[Martin Mohring <martinmohring@xxxxxxxxxxxxxxxxxxx>]

Hi,

Adrian: fully correct.

And last but not least I will write down a list of cautions should you
still want to use the other flags also, because they are useful for you.

They do not make the system more unsecure compared to using only
"sourceaccess".

Martin

Adrian Schröter wrote:
> Am Mittwoch, 22. September 2010, 17:47:21 schrieb Martin Mohring:
>   
> > Hi,
> >
> > I would like to emphasize that the Access Control System implemented now
> > is more than just another flag. It the most intrusive API change of OBS
> > since a long time.
> >
> > Those willing to try out, we had documented the system here:
> > http://en.opensuse.org/openSUSE:Build_Service_Concept_ACL
> >
> > All the documented flags and permissions are implemented.
> >     
>
> Just to clarify, only "sourceaccess" is usable with 2.1.
>
> The others of this concept ("access" and "privacy") can't be used since 
> the protection of them is not complete. However you could allow the usage
> on your local instace by modifing the schema files of project and package 
> meta data (look for the commented out parts).
>
> "binarydownload" is also still there, but not considered as security
> mechanism so far. Just as bandwidth protection, since you can still "steal" 
> binaries protected via this flag in various ways.
>
>   

-- 
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx