On 7/16/06, Nico Kadel-Garcia <nkadel@comcast.net> wrote:
> gmu 2k6 wrote:
>
> > sorry, but I don't want to have any sort of http-daemon running at
> > all. actually I also have OpenSSH running and that together with
> > svnserve is enough of an attack vector besides the ineviatable but
> > securable tcp/ip stack itself.
> > running too many services on one box is not good, security and
> > performance-wise. I'm trying to keep both Dual-Core CPUs free for all
> > the hard work
> > svnserve does when updating/committing (actually I'm happy svnserve
> > can saturate the CPU but this naturally does not leave much space for
> > additional services).
>
> Hmm. How do you allow the users in to change their passwords, then?
they tell me they want a new password and I send them one. if I allow
them to send a mail to an auto-reply bot 1) we need an SMTP server and
2) also some sort of authentication. the company is small enough to
ignore social engineering
for the inside.
company-mail-server username = svn username
ergo:
$change_and_mail_new_svn_pwd <username>.
of course using LDAP or Active Directory (which is available) would be
better but svnserve is the only way to go because of
performance/scalability reasons.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sun Jul 16 14:52:57 2006