 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Tue, Jan 28, 2014 at 11:20 AM, Edward Ned Harvey (blu) <blu at nedharvey.com> wrote: >> From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss- >> bounces+blu=nedharvey.com at blu.org] On Behalf Of John Malloy >> >... > If you're going to grant ssh to the server anyway, then you might as well do svn over ssh. If you *don't* want to grant ssh access to the machine, then you're probably better off going with http/https. And to be clear, allowing ssh access to the svn command does not have to mean giving easy shell access. Here's a web page that documents two ways to restrict execution access via ssh: http://www.wallix.org/2011/10/18/restricting-remote-commands-over-ssh/ Note: I said "easy shell access". I don't know if there is some way to get a shell via svn (whether buffer overflow or legitimate but obscure command). If you really need to protect against criminal mischief (as opposed to just user error); you should obviously vet any method carefully. Bill Bogstad
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
