monotone-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Monotone-devel] There's talk...

From: Thomas Keller
Subject: Re: [Monotone-devel] There's talk...
Date: Thu, 25 Oct 2007 10:47:17 +0200
User-agent: Thunderbird 2.0.0.6 (X11/20070728) 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Richard Levitte schrieb:
> Good ideas all around.  However, there needs to be an understanding;
> monotone.ca isn't a server dedicated to monotone, it's a shared
> server.  The main purpose for the purpose is to serve my business as
> well as whoever I choose to share the space with (monotone being the
> main one, actually).  To say it bluntly, I've been worrying about
> security.

Understood.

> I'm working on it, though, as my worries have so far made me the
> single point of failure for certain operations, such as releasing,
> something I don't quite enjoy (being the single point of failure, that
> is).  The "op" command will most probably be what I'll use to make it
> possible for others to perform certain needed operations.  I'll give
> it some more thought tonight.

I have to admit I don't know the "op" command, but wouldn't it be
sufficient to just create a non-root user which can manage his
/home/<user>, crontab, public_html aso.?

I mean from a trust point of view, you probably should not give root
access to anybody, not because we're harmful, but we're all making
mistakes sometimes and don't want to be sued for the mess afterwards ;)

And on the other hand I don't think the first thing we're trying to do
on your machine is to find a bug / workaround to get elevated rights
either...

> Now, as to the wiki, I'd be happy to serve.  I know that Graydon and
> Nathaniel use Moinmoin, and that would be easy enough to install.
> What's needed is the current database itself, and perhaps information
> on settings, possible plugins and so on.

If you can create a database user and set its database rights (mysql
commandline client access assumed), the rest can be done by someone else
having ssh access to the machine (I mean, more than scp access, which a
couple of us already have).

Thomas.

- --
only dead fish swim with the stream: http://thomaskeller.biz/blog
Am Anfang war das Wort: http://www.schäuble-muss-weg.de
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHIFgVaf7NlBYNEJIRAvAxAKDwxMBotef2b+cqDA/Uw3cPIYOd0wCfcJMa
vN7CEYs5YUSWnviVN04b66I=
=s0RE
-----END PGP SIGNATURE-----
reply via email to
[Prev in Thread] Current Thread [Next in Thread]