[darcs-users] Darcs over SSH

Daniel Carrera daniel.carrera at zmsl.com
Mon Jan 30 15:03:49 UTC 2006


Hi all,

I'm trying to figure out the best way to have a main repository where 
several can contribute. SSH seems to be the only alternative for this. 
I'm thinking of having a single user (called 'darcs') and asking all 
developers to send me their ssh key. But I'm concerned about the 
security issues:

1) The first issue is, of course, giving people SSH access to my server. 
I can reduce the problem by using the 'darcs-wrapper.pl' from here:

http://darcs.net/DarcsWiki/RepoViaSSH

But I'm not completely comfortable. I wonder if it's possible to use 
(say) FTP instead without opening other security holes.

2) If everyone shares the same account, I don't see how we can verify 
who did what. There's always a (small) chance of malicious developers. 
Of course, you always try to only give access to people you trust. But 
in the real world, some times you give access to the wrong person. It 
can happen. And a malicious person could just create a darcs repo using 
someone else's name, make malicious changes and then push.

Is there a way to add non-repudiability to Darcs?

Thank you for your help.

Cheers,
Daniel.
-- 
      /\/`) http://oooauthors.org
     /\/_/  http://opendocumentfellowship.org
    /\/_/
    \/_/    I am not over-weight, I am under-tall.
    /




More information about the darcs-users mailing list