
Re: Wrong username for commits

From: Gili <junk_at_bbs.darktech.org>
Date: 2004-12-05 17:09:06 CET

Well, the only reason I am even running Subversion this way is
because there doesn't seem to be a better way to run it through an SSH
tunnel. Ideally I want a single Subversion server running in daemon
mode and authenticating all operations like you mentioned and have the
SSH client connect to the Subversion server using normal client
operations. Right now we are having the SSH client spawn a Subversion
server per connection which is far from ideal (for performance and
security reasons).

Isn't there a way for us to do this?

1) SSH server and Subversion server running in daemon mode
2) User connects to the server using SSH client
3) User invokes svn client operations on the remote connection


On Sun, 5 Dec 2004 09:52:32 -0600, Ben Collins-Sussman wrote:

>On Dec 5, 2004, at 9:29 AM, Gili wrote:
>> More to the point: what prevents me from logging in using SSH as
>> user1 and using "--tunnel-user user2"? Seems like a security risk...
>How is that a risk?
>Granting svn+ssh:// access to a user is exactly the same as giving
>somebody a system account -- allowing them to ssh in -- and giving them
>access to the database directly via file:///. And that's the same as
>allowing the user to open the database files directly in their editor
>and start mucking with fields however they want... changing authors,
>log messages, etc.
>So either you trust the user to have direct access to the database, or
>you don't:
> * If you trust them, you allow them to edit the database files
>directly, via svn+ssh:// or file:///. The only "authorization" going
>on is OS permissions on the database files.
> * If you don't trust your users, then only allow a *single* server
>process to edit the database, like apache or 'svnserve -d'. The server
>process has exclusive access, and authorizes every client action.

Received on Sun Dec 5 17:10:59 2004
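
The concern raised in the quoted exchange, that a client connecting over svn+ssh:// chooses its own `--tunnel-user`, as an added example that is not part of the original thread: a check of an `authorized_keys` file for keys whose commit author is not fixed on the server side. It assumes a setup the thread does not describe, in which each key is restricted to a forced `svnserve -t` command; the function names and the sample file are constructed for illustration.

```python
import re

KEY_TYPES = ("ssh-", "ecdsa-", "sk-")  # a line starting with a key type has no options
TUNNEL_USER = re.compile(r"--tunnel-user[= ]\s*(\S+)")

# Constructed sample input; the key blobs are placeholders, not real keys.
SAMPLE = """\
command="svnserve -t --tunnel-user=user1",no-port-forwarding,no-pty ssh-ed25519 AAAAplaceholder1 user1@laptop
command="svnserve -t",no-pty ssh-ed25519 AAAAplaceholder2 user2@laptop
ssh-rsa AAAAplaceholder3 user3@desktop
"""

def parse_line(line):
    """Return (options dict, key part), or None for blank and comment lines."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    if line.startswith(KEY_TYPES):
        return {}, line
    opts, buf, quoted, i = [], "", False, 0
    while i < len(line):
        c = line[i]
        if c == '"':                      # quotes group a value and are dropped
            quoted = not quoted
        elif c == "," and not quoted:     # a comma outside quotes ends one option
            opts, buf = opts + [buf], ""
        elif c.isspace() and not quoted:  # first bare space ends the option list
            break
        else:
            buf += c
        i += 1
    opts.append(buf)
    pairs = (o.partition("=") for o in opts)
    return {name.lower(): val for name, _, val in pairs}, line[i:].strip()

def audit(text):
    """List (line number, key comment, problem) for keys that can pick their own author."""
    findings = []
    for n, raw in enumerate(text.splitlines(), 1):
        parsed = parse_line(raw)
        if parsed is None:
            continue
        opts, key = parsed
        label = key.split()[2] if len(key.split()) > 2 else "(no comment)"
        if "command" not in opts:
            findings.append((n, label, "no forced command"))
        elif not TUNNEL_USER.search(opts["command"]):
            findings.append((n, label, "--tunnel-user not pinned"))
    return findings
```
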

This is an archived mail posted to the Subversion Users mailing list.