Re: repository permissions - some general security questions

From: Michael Wood <mwood_at_its.uct.ac.za>
Date: 2002-07-24 16:29:28 CEST

On Wed, Jul 24, 2002 at 10:14:21AM -0400, Kevin Pilch-Bisson wrote:
> On Wed, Jul 24, 2002 at 04:16:25PM +0200, Michael Wood wrote:
> > On Wed, Jul 24, 2002 at 04:02:07PM +0200, Timothee Besset wrote:
> > [snip]
> > > My problem is with the repository filesystem itself. The README
> > > advises to chmod 777 which give +rw to anything on the system. This is
> > > clearly a big hole, and blocker in my case. I want to have at least rw
> > > restricted to a specific group.
> > [snip]
> >
> > The user that apache runs as needs write access to the repository. I
> > don't think it needs to be world writable.
> >
> Well, if you want to use ra_local, then the repository needs to be writable by
> any user using the repository.

True, but then you can put them all in the same group and make the
repository group writable :)

-- 
Michael Wood <mwood@its.uct.ac.za>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Wed Jul 24 16:30:24 2002

This message: [ Message body ]
Next message: Brent R. Matzelle: "The Subversion GUI Issue"
Previous message: Kevin Pilch-Bisson: "Re: repository permissions - some general security questions"
In reply to: Kevin Pilch-Bisson: "Re: repository permissions - some general security questions"
Next in thread: Timothee Besset: "Re: repository permissions - some general security questions"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]