Re: [Monotone-devel] problem upgrading to 0.24

[Matthew Gregan]

At 2005-12-04T14:59:01-0800, Howard Spindel wrote:

> If I have a Windows box and I want to serve multiple monotone databases on
> it, and remote user Alice needs access to db1 but should be prohibited
> from accessing db2, how would you handle this?

Only private keys are stored (as a keypair) outside of the database in the
keystore.  Public keys are still stored in the database as before.  A
monotone server only needs a private key for the server, the only other keys
it might care about for remote users are their public keys.

So, in your example case, you load Alice's public key and set her read and
write permissions in the configuration as appropriate for db1 but not for
db2.

> Okay, I see that you could create a different Windows login for each
> database since the key is stored in a login specific location.  But that
> doesn't scale very well.  If I want to serve 25 databases should I be
> expected to create 25 different logins solely for the purpose of managing
> monotone keys?

Given the explanation above, you don't need 25 logins.  In addition, for any
use case where you do happen to need multiple keystores, you can specify a
specific keystore directory using the --keydir option.

On the other hand, for security reasons, if you have 25 separate monotone
repositories that should be as independent as possible, you probably do want
separate logins for each project you want to serve--but it's not a
requirement monotone imposes.

Cheers,
-mjg
-- 
Matthew Gregan                     |/
                                  /|                address@hidden