[darcs-users] Re: Access control
Simon Michael
simon at joyful.com
Sat Apr 30 14:02:31 UTC 2005
This is not ideal when you want to offer write access to some darcs
repo, but not full shell access to your whole system (my situation).
I tried scponly, but people could still see the rest of the system and
were able to copy cgi scripts into /var/somewhere and compromise the
system (I believe). Perhaps that could be stopped with more permissions
fiddling. scponly has a chroot option, but I'm on a hosted VPS where
that's not available.
So, I'm experimenting with the mail-in solution. This was much easier to
set up than I expected, except I have not managed to get it validating
signatures (or running tests). Also I think signing mails is going to be
difficult for many of my contributors. This does help me and trusted
users right now by making it easy to forward patches received by mail to
the repo. Still, I'm interested in any other options for granting secure
limited write access.
More information about the darcs-users
mailing list