Re: [HCoop-Discuss] SVN security issues

From: Marcus Rueckert <darix_at_web.de>
Date: 2006-11-06 11:09:37 CET

hi,

1. you cant setuid scripts. it would need to be a binary.
2. you can have a small script that calls the user script with sudo e.g.
that way you wouldnt need any stating.

Such script could look like:

[[[
   #!/bin/sh
   if [ -e "../userhooks/post-commit" ] ; then
       sudo -u someuser ../userhooks/post-commit
   fi
]]]

anyway. i would recommend to review any user script anyway. and only
allow the admin team to place new scripts. no matter if they run as user
or not. the users can do still bad stuff to your server.

-- 
           openSUSE - SUSE Linux is my linux
               openSUSE is good for you
                   www.opensuse.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Mon Nov 6 11:09:57 2006

This message: [ Message body ]
Next message: Karl Chen: "Re: [HCoop-Discuss] SVN security issues"
Previous message: Karl Chen: "Re: [HCoop-Discuss] SVN security issues"
In reply to: Karl Chen: "Re: [HCoop-Discuss] SVN security issues"
Next in thread: Karl Chen: "Re: [HCoop-Discuss] SVN security issues"
Reply: Karl Chen: "Re: [HCoop-Discuss] SVN security issues"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]