Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.
Our server is on Windows and also provides a number of services other than CVS. Users are able to access the server for file storage but the share they can use for that is separate from the share where the CVS repository is. That share is not visible except by logging on to the server (desktop access, akin to shell access), which is something only administrators are allowed to do. I appreciate that your position, as described, is slightly different in that you need to allow your users to log-on to the server (shell access) rather than just giving them access to files there. Does Linux not have a way of preventing users from reading (cd'ing to) given folders ? I guess the way to set up the system might be to reserve part of its disk(s) for the CVS server, which would run using chroot, and make that part completely inaccessible to normal users via the shell. Does that sound practical ? Or does it just prove that I don't know Linux ...... Unhelpfully, Richard. -----Original Message----- From: cvsnt-bounces at cvsnt.org [mailto:cvsnt-bounces at cvsnt.org] On Behalf Of bwhicks at aep.com Sent: 20 October 2006 15:54 To: cvsnt at cvsnt.org cvsnt downloads at march-hare.com @CVSNT on Twitter CVSNT on Facebook Subject: Re: [cvsnt] linux host, and ACLs cvsnt-bounces at cvsnt.org wrote on 10/20/2006 10:35:50 AM: > Hmm... "unless you are doing something extremely dumb..." > Reason: the box is *not* dedicated, every user will have shell > access to the machine, I need this feature for other purposes. > > Remember: It's a unix server, and every user will have a shell > account on the machine. They will, via their shell account, be > able to "cd /to/places" on the same file system as the > repository. Thus, I believe it is much like ":local:" This changes EVERYTHING. if they have a shell account, they can already "cd /whatever/they/want", unless you've used filesystem acl's to prevent them. the problem with CVS though, especially CVSNT, is that it's designed for use as a networked server. So all of the security bits follow this idea. If you use :local:, all of the server stuff is bypassed. you're left with whatever the filesystem ACL's can do for you. here's what you need to consider. doing a "cd /" and poking around is totally separate from anything cvs related. this should be secured in whatever way you deem appropriate. you MAY want to chroot your cvs stuff so users can't do any permanent damage to the main system. since this isn't dedicated, what else do users do on this thing besides CVS that could also be a security problem? Also, as far as CVS is concerned, remember that users will need filesystem write access in order to do commits. this basically means that they can seriously damage/modify the actual repository (the ,v files) any way that they choose. make sure they only have access to what they need to have access to, and make sure they understand that they shouldn't do something stupid like "vi somefile.txt,v" or "cvs ci -m'doing something stupid here...' somefile.txt,v". Good luck. Brian _______________________________________________ cvsnt mailing list cvsnt at cvsnt.org cvsnt downloads at march-hare.com @CVSNT on Twitter CVSNT on Facebook http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt https://www.march-hare.com/cvspro/en.asp#downcvs