[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
CVS, SSH, (Light) Security
From: |
Richard Caley |
Subject: |
CVS, SSH, (Light) Security |
Date: |
Thu, 07 Mar 2002 14:12:01 GMT |
User-agent: |
Gnus/5.0808 (Gnus v5.8.8) XEmacs/20.4 (Emerald) |
[sorry if you see this twice, my first attempt seemed to go into
nowhere at a time when my ISP ws having problems]
I have a repository which is, for firewall and other practical
reasons) accessible only by ssh (ie CVS_RSH=ssh and :ext: repository
name).
I would like to give some people read only access. Preferrably only to
some modules.
CVS provides no support, as it does for pserver.
I can't, so far as I can see, use file permissions, users need write
acess to the repository to make lockfiles etc all over the place.
The best temporary solution I have been able to come up with is a
combination of
Give them ssh access with a restricted shell that only allows
cvs seerver to be run.
Create a commit test which fails for that user (Actually I do
it based on groups).
This is ugly and only partially works. Eg they can play with tags and
probably other potentially damaging things. For the current user this
is not a problem, I am really only trying to prevent accidental
errors, but in future I think I am loikely to need more.
Does anyone have a better solution?
--
Mail me as address@hidden _O_
|<
- CVS, SSH, (Light) Security,
Richard Caley <=
- Re: CVS, SSH, (Light) Security, Noel Yap, 2002/03/07
- Re: CVS, SSH, (Light) Security, Larry Jones, 2002/03/07