Re: Security options

info-cvs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security options

From:	Kaz Kylheku
Subject:	Re: Security options
Date:	Thu, 19 Dec 2002 10:04:01 -0800 (PST)

On Thu, 19 Dec 2002, Phil R Lawrence wrote:

> My best idea is to leave cvs-phil with a regular shell, but disallow 
> su'ing to cvs-phil (via chuser on AIX, but how about linux?).  Since our 
> server will be physically secured, no one could directly log onto the 
> console as cvs-phil.  Then SSH will be configured to only allow the cvs 
> command.
> 
> Any other thoughts?

You can write a shell script which serves as the user's login shell.
That script can do arbitrary filtering to allow or disallow commands.
I had one such a script that would allow CVS access, but only to a
specified repository. It filtered out any -d option, and put in its
own.

[Prev in Thread]

Current Thread

[Next in Thread]

RE: Security options :-(, Zieg, Mark, 2002/12/17
- Re: Security options :-(, Phil R Lawrence, 2002/12/17
- RE: Security options :-(, Zieg, Mark, 2002/12/17
  - Re: Security options :-(, Geoff Beier, 2002/12/17
- RE: Security options :-(, Zieg, Mark, 2002/12/17
  - Re: Security options, Phil R Lawrence, 2002/12/19
    - Re: Security options, Kaz Kylheku <=
- RE: Security options :-(, Douglas Finkle, 2002/12/17

Prev by Date: Re: Security options
Next by Date: (newbie) Which is the actual cvsroot?/remote repository access
Previous by thread: Re: Security options
Next by thread: RE: Security options :-(
Index(es):
- Date
- Thread