Re: [HCoop-Discuss] SVN security issues

From: Karl Chen <quarl_at_cs.berkeley.edu>
Date: 2006-11-08 09:49:09 CET

>>>>> On 2006-11-07 13:40 PST, Max Bowsher writes:

Max> I do not understand why a solution based on sudo forces
Max> root ownership.

Max> IIRC, the problem scenario is that www-data needs to run
Max> hooks under the UID of a human user?

Almost. If the problem were that the user wants to run the hook
under his user account, the problem could be solved with sudo.

That is a problem, but a bigger problem is that the administrator
does not want to allow the user to run it under the apache user
account (www-data) even if the user wants to.

-- 
Karl 2006-11-08 00:47
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Wed Nov 8 09:49:24 2006

This message: [ Message body ]
Next message: Karl Chen: "Re: [HCoop-Discuss] SVN security issues"
Previous message: Christof Hanke: "python bindings to modauthz's AuthUserFile"
In reply to: Max Bowsher: "Re: [HCoop-Discuss] SVN security issues"
Next in thread: Max Bowsher: "Re: [HCoop-Discuss] SVN security issues"
Reply: Max Bowsher: "Re: [HCoop-Discuss] SVN security issues"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]