[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: automated software packaging and release scripts?

From: Reuben Avery <reuben_at_swirl.net>
Date: 2007-12-06 21:27:59 CET

Thanks for all the great tips, everyone!

Now time to roll up my sleeves and get into remembering how the heck
makefiles work.. :-)

On 12/6/07 12:24 PM, "Reedick, Andrew" <jr9445@ATT.COM> wrote:
> If you want anyone to be able to ftp:
>
> If you're on unix, look into using sudo. Lock down the passwords in a
> file readable only by a privileged user. Sudo runs the ftp script as
> the privileged user which can read the file. This way anyone can run
> the ftp script without knowing the passwords.
>
> Windows may or may not have a sudo equivalent. Talk to your admin.
> Worst case, you have a script called by a scheduled task that watches a
> directory, ftp's any file it sees, and deletes the file. All scripts
> and the scheduled task are readable only by a privileged user.
>
>
> Side note: if the developers have write access to the makefile, ant,
> ant tasks, and deploy scripts, then, from a security standpoint, it
> probably doesn't matter if the password is stored in plaintext or not.
> (They could Trojan the ant task and grab the password.) So if you're
> locking down passwords, then you also need to run trusted copies of ant,
> the ant tasks, the deploy scripts, etc. from a locked down directory.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Dec 6 21:29:20 2007

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.