Karl Chen wrote:
>>>>>> On 2006-11-07 13:40 PST, Max Bowsher writes:
> Max> I do not understand why a solution based on sudo forces
> Max> root ownership.
> Max> IIRC, the problem scenario is that www-data needs to run
> Max> hooks under the UID of a human user?
> Almost. If the problem were that the user wants to run the hook
> under his user account, the problem could be solved with sudo.
> That is a problem, but a bigger problem is that the administrator
> does not want to allow the user to run it under the apache user
> account (www-data) even if the user wants to.
What about deploying the wrapper hooks into all repositories, with
permissions set so the user cannot replace them?
Then the user cannot run arbitrary code as www-data.
I guess the permissions would involve the wrappers being owned by root,
mode 755, and the hooks directory would need +t, or otherwise
restrictive permissions to prevent the user from deleting the wrappers.
Still, I can see that it's not a wonderfully elegant solution.
Where would you envisage a potential exec helper being configured? I
suppose in httpd.conf and/or on the svnserve command line?
Received on Wed Nov 8 10:48:59 2006