Nicolás Reynolds <[email protected]> writes: > So gitosis is broken, spits errors when adding new users (even from the server > itself) and I really don't know how to debug it. > > We were discussing on the channel if the privilege separation gitosis > provides is useful to us, since permissions are given to everyone to > every git repo anyway. > > Smv says gitosis not only does this but also *only* allows the git user > ([email protected]) access to the git repos. If we > were going to manage push privileges using regular ssh > methods (ssh-copy-id, authorized_keys, etc.), people could not only push > to the repos but have shell login if available or access to the full git > user's home, included .ssh/authorized_keys.
Should it be possible that the script which verify authorithy ask another "securly closed" server rather than the normal .ssh/authorized_keys? > IMO this isn't a problem since it would allow anyone to quickly > participate on git development simply by being involved and having > another hacker to allow his pubkey. Or any other policies we define > politically rather than technically. > > And git, being an unprivileged user, shouldn't have access to any other > important system files. We could even chroot it for that matter. The > point is that security shouldn't hinder participation and simplicity. > > What do you think? > _______________________________________________ > Dev mailing list > [email protected] > http://lists.parabolagnulinux.org/mailman/listinfo/dev <#secure method=pgpmime mode=sign> -- Aurelien - Animateur P@m-Sarte http://libreplanet.org/wiki/User:Aurelien Free Software & Zen Minimalism Hactivist Fight for your freedom rights! Join FSF.org Fully Free Operating System at GNU.org ( ) ° ° · _______________________________________________ Dev mailing list [email protected] http://lists.parabolagnulinux.org/mailman/listinfo/dev
