[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-hackers] Re: Project submissions at Savannah
From: |
Sylvain Beucler |
Subject: |
[Savannah-hackers] Re: Project submissions at Savannah |
Date: |
Tue, 20 Apr 2004 11:54:42 +0200 |
Hi,
On 2004.04.20 08:39, Elfyn McBratney wrote:
Yep, that might be because I don't seem to be getting all
savannah-hackers
list mail, though that's probably my ISP.
I could also be your spam filter. Since we receive daily spam at
savannah-hackers, maybe the filter makes mistakes...
> About the file upload interface, you should try to get the
> discussions on it in the archive, as well as read the news comments
> in: https://savannah.gnu.org/forum/forum.php?forum_id=2838
I spent about an hour going through the archives yesterday trying to
gather all the relevant posts, but gave up because mail.gnu.org was
taking ages to respond to single requests.
I might just download the mbox archives on
ftp-mailing-list-archives.gnu.org
and go from there..
I'll try to sum up.
The previous system was working using sftp and rsync over ssh and it
seems people liked it better.
But we have to change, because we would like every file to be GPG
signed.
As discussed in the news item 'forum', the new system is not perfect.
It allows people to upload things you signed, like e-mails. It does not
allow people to remove files. It does not allow people to manage their
files (move, rename, etc). It is cumbersome because of the need to sign
every single file.
A temporary solution is to create a web interface integrated in Savane
to manage people's files.
To get the right to manage the files (Unix side), the ftp-daemon could
create the files with www-data group, or else vsftpd and httpd could
share a Unix group.
The uploading system would stay the same.
The interface should IMHO first propose a very secure 'mv', and then we
could build a more user-friendly interface on top of it (file explorer,
etc). The main concern is that people should not access other people's
files, while the system can do it.
Another solution would have been to use CGI+suEXEC, but it would be
very tedious to set up.
A feature this module could provide would be file uploading: this would
permit to check the signature on the fly and provide accurate error
reporting, while providing basic authentication through Savane.
The goal in the long run would be to offer again a convenient way to
upload files. In particular, some people upload a lots of files, a
whole directory structure, to their upload area, and wish to continue
to do so.
The issues are:
- simplicity
- integrity
- efficiency
Simplicity because people do not like to sign their files. I am
currently trying to see whether gpg-agent is usable, which would quite
solve the issue. Currently gpg-agent is only available through the
latest CVS. We could contribute to GnuPG and provide an RPM for our
users. We could also provide a script, like Patrick's, to automatize
the task. The file management interface would still be usefull here for
people not familiar with rsync or sftp.
Integrity because we have to check that each file is signed.
Efficiency because we have to find a quick way to check all files: if
we provide again a rsync access, then we'll have to check all files on
all projects on a regular basis, like each day; files that are not
correctly signed would be deleted. We cannot even base our check on the
dates, since rsync provide a way to keep the source files timestamp.
I also have to check whether old files with expired signatures are
considered signed or not.
> I think I have a fair understanding of this feature, so we should
> have a talk before you start working on this. Also do not forget we
> have 2 volunteers who can work on this.
Sure. Right now, I've just been making notes, playing with little
bits of code, etc.. I'll send a mail later on today to savannah-
hackers with the ideas I've got so far and maybe we can start the
ball rolling from there? :)
Fine indeed. I just posted my ideas as well :)
> No. I think that is a temporary task that is more complicated than
> most of the permanent tasks we have to do.
Hrmm.. then what is the point of savannah-newprojects?
I guess we can extract all pending projects submittors, then mass
subscribe, and then send them a message with archive facility.
> I disagree with some points in Bradley's mail, mainly when he says
> that there were security flaws in Savane.
Well, there was the $feedback flaw, but that was discovered after the
decision to move to GForge was made (AFAIK). Unless they know of
flaws in Savane that we don't..
That's also my point. The message was posted before Lorenzo did his
audit.
> Last, the english word for your 'Lastly' is 'Last' :)
Hrmm.. *picks up dictionary*
lastly adv. finally; in the last place.
:-P
That's the last time I am foolish enough to make english advices.
Incidentally I learnt a new word :)
--
Sylvain
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Savannah-hackers] Re: Project submissions at Savannah,
Sylvain Beucler <=