Re: Wrong username for commits

From: Ben Collins-Sussman <sussman_at_collab.net>
Date: 2004-12-05 16:52:32 CET

On Dec 5, 2004, at 9:29 AM, Gili wrote:

>
> More to the point: what prevents me from logging in using SSH as
> user1 and using "--tunnel-user user2"? Seems like a security risk...
>

How is that a risk?

Granting svn+ssh:// access to a user is exactly the same as giving
somebody a system account -- allowing them to ssh in -- and giving them
access to the database directly via file:///. And that's the same as
allowing the user to open the database files directly in their editor
and start mucking with fields however they want... changing authors,
log messages, etc.

So either you trust the user to have direct access to the database, or
you don't:

* If you trust them, you allow them to edit the database files
directly, via svn+ssh:// or file:///. The only "authorization" going
on is OS permissions on the database files.

* If you don't trust your users, then only allow a *single* server
process to edit the database, like apache or 'svnserve -d'. The server
process has exclusive access, and authorizes every client action.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sun Dec 5 16:54:59 2004

This message: [ Message body ]
Next message: Gili: "Re: Wrong username for commits"
Previous message: Gili: "Re: Wrong username for commits"
Maybe in reply to: Gili: "Wrong username for commits"
Next in thread: Gili: "Re: Wrong username for commits"
Reply: Gili: "Re: Wrong username for commits"
Reply: Ben Collins-Sussman: "Re: Wrong username for commits"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]