Re: CVS and SSH
On Mårdi 12 Måss 2002 02:42, Joey Hess wrote:
> Sven Gaerner wrote:
> > I've got a (hopefully) little proble.m. I want to grant some people
> > CVS access to my machine. They should connect by using SSH but I don't
> > want to give them a shell. They should be able to use CVS with SSH but
> > without logging in to my machine.
> >
> > Does anyone have an idea how to get this working?
> >
> > Please CC any answers to me because I'm not subscribed.
>
> Are these people going to be able to commit to the repository or not?
>
> If not, it's easy: http://kitenet.net/programs/sshcvs
>
> If they need to be able to commit too, it becomes much harder, since cvs
> is not designed to prevent committers from getting shell access, in
> general. You need to make sure they cannot commit to certian files in
> CVSROOT which shell code can be put into (I've seen this used to get
> shell access to sourceforge, though they may have closed that hole now).
Couldn't you just replace the command launching the shell (e.g. /bin/bash in
/etc/passwd) by some simple script telling that connection is refused ?
In such a way, connection is allowed but offers no shell.
--
Grégory Soyez
Université de Liège
Institut de Physique
Allée du VI Août, Bât B5
B-4000 Sart-Tilman LIEGE 1
Tel : +32 (0)4 366 36 04
Fax: +32 (0)4 366 36 72
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: