Posted to users@subversion.apache.org by Sachidanand Shukla <sh...@gmail.com> on 2008/05/15 10:56:33 UTC

Write Permission on repository may encourage UNIX user to tamper with repository (SSH)

Hi,


I am a clearcase administrator with NCR Corp. and am currently pursuing
migration of Clearcase code to SVN.
I am using svn+ssh to access repositories on Windows clients and server is
on Solaris box.
My problem is that I create a login for user on solaris box and ask him to
access repository from Windows client, but as user has access to solaris box
also (as his login is created there and repositories also reside there) he
can tamper with repositories because he belongs to the group to which
repository belongs.
I tried a lot but could not succeed in protecting it.
I have configured svnserve (text file) to mask the repository path and URL
does not disclose full path, but even then....
I tried
1. Restricted shell
2. chroot is not possible as server is being used by other teams also
3. changed .profile etc etc.
but all in vain.

Please suggest some way to solve this problem

Sachidanand Shukla

Re: Write Permission on repository may encourage UNIX user to tamper with repository (SSH)

Posted by Andy Levy <an...@gmail.com>.
On Thu, May 15, 2008 at 6:56 AM, Sachidanand Shukla <sh...@gmail.com> wrote:
>
> I am a clearcase administrator with NCR Corp. and am currently pursuing
> migration of Clearcase code to SVN.
> I am using svn+ssh to access repositories on Windows clients and server is
> on Solaris box.
> My problem is that I create a login for user on solaris box and ask him to
> access repository from Windows client, but as user has access to solaris box
> also (as his login is created there and repositories also reside there) he
> can tamper with repositories because he belongs to the group to which
> repository belongs.
> I tried a lot but could not succeed in protecting it.
> I have configured svnserve (text file) to mask the repository path and URL
> does not disclose full path, but even then....
> I tried
> 1. Restricted shell
> 2. chroot is not possible as server is being used by other teams also
> 3. changed .profile etc etc.
> but all in vain.

This is actually documented in the manual. From
http://svnbook.red-bean.com/en/1.4/svn.serverconfig.svnserve.html#svn.serverconfig.svnserve.sshauth

"When running over a tunnel, authorization is primarily controlled by
operating system permissions to the repository's database files; it's
very much the same as if Harry were accessing the repository directly
via a file:// URL. If multiple system users are going to be accessing
the repository directly, you may want to place them into a common
group, and you'll need to be careful about umasks."

Not a solution, just pointing out that it is documented that this is
how things are intended to be.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Re: Write Permission on repository may encourage UNIX user to tamper with repository (SSH)

Posted by Ben Collins-Sussman <su...@red-bean.com>.
In the future, please send usage questions to
users@subversion.tigris.org.  This list is about the development of
Subversion itself.

To solve your problem, read this section in the book:
http://svnbook.red-bean.com/nightly/en/svn.serverconfig.svnserve.html#svn.serverconfig.svnserve.sshtricks

Or, if you want far far less hassle, don't use svn+ssh://, but just
plain svn:// instead.  (Or even try https:// ).



On Thu, May 15, 2008 at 5:56 AM, Sachidanand Shukla <sh...@gmail.com> wrote:
> Hi,
>
>
> I am a clearcase administrator with NCR Corp. and am currently pursuing
> migration of Clearcase code to SVN.
> I am using svn+ssh to access repositories on Windows clients and server is
> on Solaris box.
> My problem is that I create a login for user on solaris box and ask him to
> access repository from Windows client, but as user has access to solaris box
> also (as his login is created there and repositories also reside there) he
> can tamper with repositories because he belongs to the group to which
> repository belongs.
> I tried a lot but could not succeed in protecting it.
> I have configured svnserve (text file) to mask the repository path and URL
> does not disclose full path, but even then....
> I tried
> 1. Restricted shell
> 2. chroot is not possible as server is being used by other teams also
> 3. changed .profile etc etc.
> but all in vain.
>
> Please suggest some way to solve this problem
>
> Sachidanand Shukla

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Re: Write Permission on repository may encourage UNIX user to tamper with repository (SSH)

Posted by John Peacock <jo...@havurah-software.org>.
Sachidanand Shukla wrote:
> My problem is that I create a login for user on solaris box and ask him
> to access repository from Windows client, but as user has access to
> solaris box also (as his login is created there and repositories also
> reside there) he can tamper with repositories because he belongs to the
> group to which repository belongs.

Please don't crosspost to both users and dev lists; this question has 
nothing to do with the development of Subversion itself, but rather is 
about usage of the software itself.

There is no reason to give all of the users actual logins on the Solaris 
box.  This FAQ entry should help you:

http://subversion.tigris.org/faq.html#ssh-svnserve-location

plus this discussion:

http://svn.collab.net/repos/svn/trunk/notes/ssh-tricks

should give you some more background and tips.  This does require a 
slightly higher level of hands-on management when adding users, but is a 
much more secure way to structure svnserve.

HTH

John


RE: Re: Write Permission on repository may encourage UNIX user to tamper with repository (SSH)

Posted by Paul Koning <Pa...@Dell.com>.
I've done this by using SSH with digital signature access.  I then put a
random password on each login account, and never disclose that to
anyone.  The only access allowed is via the digital signature mode of
SSH.  Then the login is set up to allow SVN only, no shell.

 

In this case no one has the password so there isn't much reason to
change it.  Then again, if I wanted to change it to a new random string
daily, I could do so on my own, it wouldn't affect anyone.

 

Alternatively, if your management is really confused, you could make a
shell script that allows only two operations: svn access, and the passwd
command.  

 

                paul

 

From: Sachidanand Shukla [mailto:shukla.68@gmail.com] 
Sent: Friday, May 16, 2008 1:20 AM
To: users@subversion.tigris.org
Subject: Re: Write Permission on repository may encourage UNIX user to
tamper with repository (SSH)

 

Thanks guys for the prompt reply, but issue is (if you take it as issue)
that according to our mngmt and policy in organization user should be
able to change password as and when required and so I need to create
their logins on Sol box. And the problem remains there only.

 

Sachidanand Shukla

 

On 15/05/2008, Sachidanand Shukla <sh...@gmail.com> wrote: 

Hi,

I am a clearcase administrator with NCR Corp. and am currently pursuing
migration of Clearcase code to SVN.

I am using svn+ssh to access repositories on Windows clients and server
is on Solaris box.

My problem is that I create a login for user on solaris box and ask him
to access repository from Windows client, but as user has access to
solaris box also (as his login is created there and repositories also
reside there) he can tamper with repositories because he belongs to the
group to which repository belongs.

I tried a lot but could not succeed in protecting it.

I have configured svnserve (text file) to mask the repository path and
URL does not disclose full path, but even then....

I tried

1. Restricted shell

2. chroot is not possible as server is being used by other teams also

3. changed .profile etc etc.

but all in vain.

Please suggest some way to solve this problem

Sachidanand Shukla
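
The wrapper Paul Koning describes above (svn access plus passwd, nothing else), sketched as an added example that is not from the thread or from Subversion: a script meant to be installed as the SSH forced command for the repository users. The script name, the `REPO_ROOT` path and the function names are assumptions.

```shell
#!/bin/sh
# svn-only.sh (hypothetical name): run by sshd instead of a login shell, e.g.
# via "ForceCommand /usr/local/bin/svn-only.sh" in a Match block of sshd_config.
# Assumption: all repositories live under REPO_ROOT (constructed path).
REPO_ROOT="${REPO_ROOT:-/srv/svn}"

# Map the command the client requested to one of three fixed actions.
# Only exact matches are accepted; the client's string is never executed.
classify_request() {
    case "$1" in
        "svnserve -t") echo svn ;;      # what an svn+ssh:// client sends
        "passwd")      echo passwd ;;   # password change, e.g. ssh -t host passwd
        *)             echo deny ;;     # interactive login, sftp, anything else
    esac
}

# Run the fixed command for the request, or refuse.
handle_request() {
    case "$(classify_request "$1")" in
        svn)    exec svnserve -t -r "$REPO_ROOT" ;;
        passwd) exec passwd ;;
        *)      echo "only svn access and passwd are permitted" >&2
                return 1 ;;
    esac
}

# Dispatch only when installed under its own name, so the functions can be
# sourced and tested without side effects.
if [ "${0##*/}" = "svn-only.sh" ]; then
    handle_request "${SSH_ORIGINAL_COMMAND:-}"
fi
```

With this in place the accounts still exist and can change their passwords, but the group write permission on the repository files can only be exercised through svnserve over this SSH login.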

 


Re: Write Permission on repository may encourage UNIX user to tamper with repository (SSH)

Posted by Sachidanand Shukla <sh...@gmail.com>.
Thanks guys for the prompt reply, but issue is (if you take it as issue)
that according to our mngmt and policy in organization user should be able
to change password as and when required and so I need to create their logins
on Sol box. And the problem remains there only.

Sachidanand Shukla


On 15/05/2008, Sachidanand Shukla <sh...@gmail.com> wrote:
>
> Hi,
>
>
> I am a clearcase administrator with NCR Corp. and am currently pursuing
> migration of Clearcase code to SVN.
> I am using svn+ssh to access repositories on Windows clients and server is
> on Solaris box.
> My problem is that I create a login for user on solaris box and ask him to
> access repository from Windows client, but as user has access to solaris box
> also (as his login is created there and repositories also reside there) he
> can tamper with repositories because he belongs to the group to which
> repository belongs.
> I tried a lot but could not succeed in protecting it.
> I have configured svnserve (text file) to mask the repository path and URL
> does not disclose full path, but even then....
> I tried
> 1. Restricted shell
> 2. chroot is not possible as server is being used by other teams also
> 3. changed .profile etc etc.
> but all in vain.
>
> Please suggest some way to solve this problem
>
> Sachidanand Shukla
>