The CVS Accesslist Patch is a safe way to keep users accessing only
the modules you specify. It works simply: A person is only able to
perform CVS operations if he has a copy of the original module on his
machine. It has a configuration file under the CVSROOT tree; in this
file, you specify which user will be able to access the modules in
your repository.
