Re: CGI script for self-administering password in svnserve passwd files

From: John Peacock <john.peacock_at_havurah-software.org>
Date: Thu, 14 Feb 2008 09:39:53 -0500

Jonathan Kamens wrote:
> I think from what you wrote below, you may actually be suggesting to put
> all the users' public keys into one account and have all the users
> access via that account, which would avoid both of the issues noted
> above but isn't really what the FAQ answer to which you referred says to do.

Yes, I forgot that the FAQ doesn't spell that out in that fashion (I
think I even wrote a patch once to change that). Yes, the files are all
owned by the svn service user, so there are no rights issues at all.

> We're only planning on allowing Subversion access to people who are
> either on our LAN or VPN'd in, so I'm not sure we want to take on the
> overhead of requiring SSH to access the repository.

Since you didn't describe that you were only allowing LAN-local access,
then there isn't any point in going to svn+ssh; it is really so much
easier/more secure when most of your access is from remote users.

John

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-02-14 16:01:26 CET

This message: [ Message body ]
Next message: Stephen Butler: "Tree conflict detection in 'svn merge'"
Previous message: C. Michael Pilato: "Re: FW: Repeatable svnsync failure on a particular revision"
In reply to: Jonathan Kamens: "Re: CGI script for self-administering password in svnserve passwd files"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]