CVSPermissions 0.3 patched to fix grep bug

CVSPermissions is a set of scripts that are called by CVS upon invoking
certain operations, such as commit (wisely, CVS has hooks for just this
purpose).  The scripts check an access control list, and
selectively permit operations based on username.  Unfortunately,
while the scripts come pretty elegantly close to “the simplest thing
that could possibly work,” they use grep without considering its
propensity for matching substrings within a string, so user “lou” will
match the ACL entry for “alouicious.”  The solution is adding ^
and $ around the grep regexes, which I have done in the attached
tarball.

I haven't heard back from Vivek Venugopalan, the author of
CVSPermissions, about the bug.  So, I am providing CVSPermissions
v 0.3-rlucas-1 with my patches.  GNU GPL applies and AS-IS; I have
tested only on GNU/Linux with CVS 1.12.9 and GNU grep 2.5.1.

http://cyber.law.harvard.edu/blogs/gems/rlucas/cvspermissions0.3rlucas1.tar.gz

Happily, this is an open source success story.  Boy meets slightly
broken but otherwise perfect software, boy fixes software, software
helps boy do work, boy gives software back to the world.  It
brings tears to my eyes.

Update 2005-12-01: Vivek has emailed back and incorporated the changes; get the latest version at: http://www.sanchivi.com/cm/cvspermissions/

Leave a Reply