RE: repository permissions - some general security questions

From: Sander Striker <striker_at_apache.org>
Date: 2002-07-24 17:14:54 CEST

> From: Timothee Besset [mailto:timo@qeradiant.com]
> Sent: 24 July 2002 16:54

> Well that's my problem. Default httpd config:
> User nobody
> Group #-1
>
> I'm not sure what this means really .. but it looks to me like way too
> many things could be reading and writing in the repository. I know I can
> configure apache to run as a specific user/group, but that doesn't really
> solve the problem... I'm not sure I want to have my repository at the same
> access level as all the other stuff in my web pages.
>
> Then again .. I don't know what the implications are, but wouldn't things
> be better if a specific user/group could be defined for the svn repository
> area?
>
> TTimo

You could setup a second httpd and use ProxyPass to pass the requests to
the repository to your second server (which would be running on localhost
under a different user account and group).

Sander

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Jul 24 17:05:47 2002

This message: [ Message body ]
Next message: Scott Lamb: "Re: The Subversion GUI Issue"
Previous message: Beachey, Kendric: "RE: The Subversion GUI Issue"
In reply to: Timothee Besset: "Re: repository permissions - some general security questions"
Next in thread: Scott Lamb: "Re: repository permissions - some general security questions"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]