[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Monotone-devel] There's talk...

From: Richard Levitte
Subject: Re: [Monotone-devel] There's talk...
Date: Thu, 25 Oct 2007 12:01:01 +0200 (CEST)

In message <address@hidden> on Thu, 25 Oct 2007 10:47:17 +0200, Thomas Keller 
<address@hidden> said:

me> I have to admit I don't know the "op" command, but wouldn't it be
me> sufficient to just create a non-root user which can manage his
me> /home/<user>, crontab, public_html aso.?

I take it you're talking about the wiki, and thereby a shared
account.  The "op" command allows me to set up some restricted
commands to be performed by selected users as another user and/or
group, and I much prefer a model where everyone involved have personal
accounts and manage shared things through something like the "op"

And the thing is, I plan to make it possible to share other tasks as
well, such as adding key identities to monotone's write-permissions
and things like that (well, ok, that one will be until I've tested the
current policy branch stuff well enough, but still)...

me> I mean from a trust point of view, you probably should not give
me> root access to anybody, not because we're harmful, but we're all
me> making mistakes sometimes and don't want to be sued for the mess
me> afterwards ;)

Right, but there may still be some sensitive things that need to be
done.  Such things can be defined very safely and precisely through
the "op" command.

me> And on the other hand I don't think the first thing we're trying
me> to do on your machine is to find a bug / workaround to get
me> elevated rights either...

No, I don't expect anyone to misbehave, it's more a sense of
protecting you as well as myself against foreseeable human mistakes.

me> > Now, as to the wiki, I'd be happy to serve.  I know that Graydon
me> > and Nathaniel use Moinmoin, and that would be easy enough to
me> > install.  What's needed is the current database itself, and
me> > perhaps information on settings, possible plugins and so on.
me> If you can create a database user and set its database rights
me> (mysql commandline client access assumed), the rest can be done by
me> someone else having ssh access to the machine (I mean, more than
me> scp access, which a couple of us already have).

That can be done, sure.  I'll do what I can tonight.
MySQL, btw?  I thought moinmoin used its own database...


Please consider sponsoring my work on free software.
See for details.

Richard Levitte                         address@hidden

"When I became a man I put away childish things, including
 the fear of childishness and the desire to be very grown up."
                                                -- C.S. Lewis

reply via email to

[Prev in Thread] Current Thread [Next in Thread]