[darcs-users] Re: Access control

Simon Michael simon at joyful.com
Sat Apr 30 14:02:31 UTC 2005


This is not ideal when you want to offer write access to some darcs 
repo, but not full shell access to your whole system (my situation).

I tried scponly, but people could still see the rest of the system and 
were able to copy cgi scripts into /var/somewhere and compromise the 
system (I believe). Perhaps that could be stopped with more permissions 
fiddling. scponly has a chroot option, but I'm on a hosted VPS where 
that's not available.

So, I'm experimenting with the mail-in solution. This was much easier to 
set up than I expected, except I have not managed to get it validating 
signatures (or running tests). Also I think signing mails is going to be 
difficult for many of my contributors. This does help me and trusted 
users right now by making it easy to forward patches received by mail to 
the repo. Still, I'm interested in any other options for granting secure 
limited write access.





More information about the darcs-users mailing list