Re: controlling read access with file:// and svn+ssh://

From: Andreas Hasenack <andreas_at_mandriva.com.br>
Date: 2007-06-22 13:49:40 CEST

On Thu, Jun 21, 2007 at 05:59:10PM -0400, Thomas Harold wrote:
> In addition, with svn+ssh:// you can limit those users (if you use public
> keys) to only being able to run the svnserve program. So even though those
> accounts have permissions at the file system level to the actual repository
> DB - you don't have to give them the ability to login and get a shell.
>
> http://svn.collab.net/repos/svn/trunk/notes/ssh-tricks
>
> That limits the amount of damage that a user can do, unless they figure out
> some way to get access to the server's file system.

I'm already doing that, thanks (but with a wrapper script, as the same
server needs to provide git service as well).

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Jun 22 14:20:34 2007

This message: [ Message body ]
Next message: Brad Stiles: "Re: Windows command to delete all .svn dirs"
Previous message: George Stein: "Re: Windows command to delete all .svn dirs"
In reply to: Thomas Harold: "Re: controlling read access with file:// and svn+ssh://"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]