Thanks for all the great tips, everyone!
Now time to roll up my sleeves and get into remembering how the heck
makefiles work.. :-)
On 12/6/07 12:24 PM, "Reedick, Andrew" <jr9445@ATT.COM> wrote:
> If you want anyone to be able to ftp:
>
> If you're on unix, look into using sudo. Lock down the passwords in a
> file readable only by a privileged user. Sudo runs the ftp script as
> the privileged user which can read the file. This way anyone can run
> the ftp script without knowing the passwords.
>
> Windows may or may not have a sudo equivalent. Talk to your admin.
> Worst case, you have a script called by a scheduled task that watches a
> directory, ftp's any file it sees, and deletes the file. All scripts
> and the scheduled task are readable only by a privileged user.
>
>
> Side note: if the developers have write access to the makefile, ant,
> ant tasks, and deploy scripts, then, from a security standpoint, it
> probably doesn't matter if the password is stored in plaintext or not.
> (They could Trojan the ant task and grab the password.) So if you're
> locking down passwords, then you also need to run trusted copies of ant,
> the ant tasks, the deploy scripts, etc. from a locked down directory.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Dec 6 21:29:20 2007