[Xorg] New committer process?
Egbert Eich
eich at pdx.freedesktop.org
Tue Jun 15 10:35:23 PDT 2004
Keith Packard writes:
>
> Around 11 o'clock on Jun 14, Egbert Eich wrote:
>
> > I've tried to take into account discussions we had previously on this and
> > other lists. Please note that this is only a draft and should serve as an
> > RFC. I'm not aware of any comments so far.
>
> Let's have a few comments then.
>
> Given that CVS is completely insecure (anyone with write access can damage
> or destroy the repository), I suggest that we need some minimal process for
> granting write access.
Yes, for the way we handle things this is definitely true.
However This would only apply of someone either screws up on purpose
or is crazy enough to do things that he has no clue about. (You can
only destroy the repository when you access the files directly.)
Frequent backups of the repository would help to lessen the danger
of loosing things in this event.
>
> I don't know what form this should take though; the proposal for
> 'sponsorship' has a lot of benefits, but does tend to shut out people who
> are new on the scene. We might also consider granting access in some kind
I don't understand this. Not giving CVS write access immediately does
not shut out people.
Requiring some minimal proof of the sincerity of the request and the
quality of work before letting people write to CVS does not seem to
be unreasonable to me.
I would expect that anybody who is interested in providing new code
would check out the tree, hack away, come up with an initial implementation,
make it public (mailinglist, bugzilla) and then - if his code seems reasonably
sane - he gets CVS commit access.
> of incremental fashion; with early access limited to 'less sensitive'
I like to keep the process lightweight. Such things can be done by acls
but this would increase the complexity.
> parts of the tree. It would also be nice to have some kind of
> identification for each committer to prevent spoofed access.
>
To spoof access you would have to obtain someones identity.
Do you expect this?
Egbert.
More information about the xorg
mailing list