[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: CGI script for self-administering password in svnserve passwd files

From: John Peacock <john.peacock_at_havurah-software.org>
Date: Thu, 14 Feb 2008 09:39:53 -0500

Jonathan Kamens wrote:
> I think from what you wrote below, you may actually be suggesting to put
> all the users' public keys into one account and have all the users
> access via that account, which would avoid both of the issues noted
> above but isn't really what the FAQ answer to which you referred says to do.

Yes, I forgot that the FAQ doesn't spell that out in that fashion (I
think I even wrote a patch once to change that). Yes, the files are all
owned by the svn service user, so there are no rights issues at all.

> We're only planning on allowing Subversion access to people who are
> either on our LAN or VPN'd in, so I'm not sure we want to take on the
> overhead of requiring SSH to access the repository.

Since you didn't describe that you were only allowing LAN-local access,
then there isn't any point in going to svn+ssh; it is really so much
easier/more secure when most of your access is from remote users.

John

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-02-14 16:01:26 CET

This is an archived mail posted to the Subversion Dev mailing list.