Am Freitag 19 Dezember 2008 23:42:04 schrieb Alec Kloss:
> On 2008-12-19 13:08, Paul Koning wrote:
> > >>>>> "Bob" == Bob Archer <Bob.Archer_at_amsi.com> writes:
> >
> > Bob> Understood... but I am going by what the OP email said. And I
> > Bob> may misunderstand what he means. But... from what I gather...
Yeah, exactly.
> >
> > That requires setting up the server end so svnserve can run through an
> > SSH tunne, but regular interactive access is denied. That's easy.
> > Assign the users to a "shell" which is a script that refuses to let in
> > anything other than svnserve. Something like this:
Well, actually I would like to have the option to use /bin/bash via ssh. (Actually the users use it for scp only currently.)
> >
> > # cat /usr/local/bin/svnonly.sh
> > #!/bin/bash
> > if [ "$*" = "-c svnserve -t" ]; then
> > svnserve -t
> > exit $?
> > fi
> > while true; do
> > date; sleep 600;
> > done;
>
> Alternately, you can use sudo prior to running svnserve on the server
> with SVN+SSH. You allow people to run the real svnserve binary using
> a script like this:
Actually the server has only one user (meant as replacement for root) who is allowed to do sudo. But maybe I could just make a user "svn" with svnserve having setuid to "svn".
>
> #!/bin/sh
> #
>
> SVNSERVE=$(dirname $(realpath $0))/svnserve.bin
>
> if [ -z "$SUDO_USER" ] ; then
> exec sudo "$0" "$@"
> fi
> exec $SVNSERVE "--tunnel-user=$SUDO_USER" "--root=/repos" "$@"
>
> Also, plain svn protocol is at as secure as https if you're using a
> SASL mechanism that uses AES-256 encryption.
Ok, so would it be sufficient to _only_ add
[sasl]
use-sasl = true
min-encryption = 256
max-encryption = 256
to the svnserve.conf? Or would I have to do all this extra stuff with say
pwcheck_method: auxprop
auxprop_plugin: sasldb
sasldb_path: /etc/my_sasldb
mech_list: DIGEST-MD5
etc.
My current picture is that adding only these first three lines just encrypts the traffics. But it doesn't encrypt the password. (Although it seems that the password is already encrypted using a simple algorithm even if everything is turned off. It's not transfered as plain text.)
By the way, maybe I am just too paranoid. IIRC Git and Bazaar also allow direct access to the filesystem... ;-)
Philip
____________________________________________________________________
Psssst! Schon vom neuen WEB.DE MultiMessenger gehört?
Der kann`s mit allen: http://www.produkte.web.de/messenger/?did=3123
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=988450
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-01-30 17:38:11 CET