Lists: | spi-general |
---|
From: | Joerg Jaspert <joerg(at)ganneff(dot)de> |
---|---|
To: | Ian Jackson <ijackson(at)chiark(dot)greenend(dot)org(dot)uk>, MJ Ray <mjr(at)phonecoop(dot)coop>, Jimmy Kaplowitz <jimmy(at)spi-inc(dot)org> |
Cc: | spi-board(at)lists(dot)spi-inc(dot)org, spi-general(at)lists(dot)spi-inc(dot)org |
Subject: | Meeting agenda bot, website, git, ssh |
Date: | 2009-01-18 22:04:59 |
Message-ID: | 87bpu49sok.fsf@vorlon.ganneff.de |
Views: | Raw Message | Whole Thread | Download mbox |
Lists: | spi-general |
Hi,
we now have a git service up and running, in which we can put the data
for our new website and also the to-be-written Meeting agenda bot.
A webview is behind http://git.spi-inc.org/cgi-bin/gitweb.cgi and that
also shows you the git checkout urls for the anonymous clone, basically
the usual simple git://git.spi-inc.org/$project.git
Those that need write access (Hello Ian, MJ, Jimmy) should send me a ssh
key they want to use for it. Clone from git(at)git(dot)spi-inc(dot)org:$project.git
--
bye, Joerg
Some NM:
main contains software that compiles with DFSG.
[hehehe, nice typo]
Of course, eye mean "complies", knot "compiles". Sum typos cant bee
caught bye spelling checkers.
From: | Ian Jackson <ijackson(at)chiark(dot)greenend(dot)org(dot)uk> |
---|---|
To: | Joerg Jaspert <joerg(at)ganneff(dot)de> |
Cc: | spi-general(at)lists(dot)spi-inc(dot)org |
Subject: | Re: Meeting agenda bot, website, git, ssh |
Date: | 2009-01-19 10:44:38 |
Message-ID: | 18804.22934.587174.753919@chiark.greenend.org.uk |
Views: | Raw Message | Whole Thread | Download mbox |
Lists: | spi-general |
Joerg Jaspert writes ("Meeting agenda bot, website, git, ssh"):
> we now have a git service up and running, in which we can put the data
> for our new website and also the to-be-written Meeting agenda bot.
>
> A webview is behind http://git.spi-inc.org/cgi-bin/gitweb.cgi and that
> also shows you the git checkout urls for the anonymous clone, basically
> the usual simple git://git.spi-inc.org/$project.git
Great.
> Those that need write access (Hello Ian, MJ, Jimmy) should send me a ssh
> key they want to use for it. Clone from git(at)git(dot)spi-inc(dot)org:$project.git
Willdo.
Is there one single access control setup for the whole thing, or are
there several ? It would be nice to be able to let people edit the
website without giving them the power to run code on the server, for
example.
Ian.
From: | Joerg Jaspert <joerg(at)debian(dot)org> |
---|---|
To: | Ian Jackson <ijackson(at)chiark(dot)greenend(dot)org(dot)uk> |
Cc: | spi-general(at)lists(dot)spi-inc(dot)org |
Subject: | Re: Meeting agenda bot, website, git, ssh |
Date: | 2009-01-19 23:20:46 |
Message-ID: | 871vuyzxv5.fsf@vorlon.ganneff.de |
Views: | Raw Message | Whole Thread | Download mbox |
Lists: | spi-general |
>> Those that need write access (Hello Ian, MJ, Jimmy) should send me a ssh
>> key they want to use for it. Clone from git(at)git(dot)spi-inc(dot)org:$project.git
> Willdo.
> Is there one single access control setup for the whole thing, or are
> there several ? It would be nice to be able to let people edit the
> website without giving them the power to run code on the server, for
> example.
Noone gets access to the server directly. :)
(Well, in case someone needs access to a server, we can certainly
arrange things. But thats completly seperate from git access)
--
bye, Joerg
Von einem Besucher auf dem LT:
Die 3 Microsoft-Leute auf Ihrem Stand müssen sich vorkommen wie 3
Mönche im Puff.
From: | Wichert Akkerman <wichert(at)wiggy(dot)net> |
---|---|
To: | Ian Jackson <ijackson(at)chiark(dot)greenend(dot)org(dot)uk>, spi-general(at)lists(dot)spi-inc(dot)org |
Subject: | Re: Meeting agenda bot, website, git, ssh |
Date: | 2009-01-20 08:55:48 |
Message-ID: | 20090120085548.GB10386@wiggy.net |
Views: | Raw Message | Whole Thread | Download mbox |
Lists: | spi-general |
Previously Joerg Jaspert wrote:
> >> Those that need write access (Hello Ian, MJ, Jimmy) should send me a ssh
> >> key they want to use for it. Clone from git(at)git(dot)spi-inc(dot)org:$project.git
> > Willdo.
>
> > Is there one single access control setup for the whole thing, or are
> > there several ? It would be nice to be able to let people edit the
> > website without giving them the power to run code on the server, for
> > example.
>
> Noone gets access to the server directly. :)
Did you install the gitweb security fix? :)
Wichert.
--
Wichert Akkerman <wichert(at)wiggy(dot)net> It is simple to make things.
http://www.wiggy.net/ It is hard to make things simple.
From: | Ian Jackson <ijackson(at)chiark(dot)greenend(dot)org(dot)uk> |
---|---|
To: | spi-general(at)lists(dot)spi-inc(dot)org |
Subject: | Re: Meeting agenda bot, website, git, ssh |
Date: | 2009-01-20 11:22:27 |
Message-ID: | 18805.46067.519051.836641@chiark.greenend.org.uk |
Views: | Raw Message | Whole Thread | Download mbox |
Lists: | spi-general |
Joerg Jaspert writes ("Re: Meeting agenda bot, website, git, ssh"):
> [Ian Jackson:]
> > Is there one single access control setup for the whole thing, or are
> > there several ? It would be nice to be able to let people edit the
> > website without giving them the power to run code on the server, for
> > example.
>
> Noone gets access to the server directly. :)
>
> (Well, in case someone needs access to a server, we can certainly
> arrange things. But thats completly seperate from git access)
If the code for something running on the server is kept in git then
effectively everyone who can write to the git can run code on the
server, because even if pushing to the running copy is manual no-one
will review every diff.
Ian.
From: | Joerg Jaspert <joerg(at)debian(dot)org> |
---|---|
To: | Ian Jackson <ijackson(at)chiark(dot)greenend(dot)org(dot)uk> |
Cc: | spi-general(at)lists(dot)spi-inc(dot)org |
Subject: | Re: Meeting agenda bot, website, git, ssh |
Date: | 2009-01-21 09:06:48 |
Message-ID: | 87ocy1rpsn.fsf@vorlon.ganneff.de |
Views: | Raw Message | Whole Thread | Download mbox |
Lists: | spi-general |
>> > Is there one single access control setup for the whole thing, or are
>> > there several ? It would be nice to be able to let people edit the
>> > website without giving them the power to run code on the server, for
>> > example.
>> Noone gets access to the server directly. :)
>> (Well, in case someone needs access to a server, we can certainly
>> arrange things. But thats completly seperate from git access)
> If the code for something running on the server is kept in git then
> effectively everyone who can write to the git can run code on the
> server, because even if pushing to the running copy is manual no-one
> will review every diff.
Are we up to splitting hairs now? :)
So, for that:
Noone except us admins has shell access to the box the git repo is on.
Yes, of course, if you can commit stuff you can commit bad things too.
Somehow thats (technically) not avoidable. Unless you want one of us
admins play gatekeeper, and *I* sure not want to add such a
restriction.
--
bye, Joerg
[Kaffeemaschinen und Babies]
Funktioniert aber so ähnlich: Du füllst oben was rein und unten kommt's braun raus...
-- Martin Würtele
From: | Ian Jackson <ijackson(at)chiark(dot)greenend(dot)org(dot)uk> |
---|---|
To: | spi-general(at)lists(dot)spi-inc(dot)org |
Subject: | Re: Meeting agenda bot, website, git, ssh |
Date: | 2009-01-21 10:27:51 |
Message-ID: | 18806.63655.922132.169596@chiark.greenend.org.uk |
Views: | Raw Message | Whole Thread | Download mbox |
Lists: | spi-general |
Joerg Jaspert writes ("Re: Meeting agenda bot, website, git, ssh"):
> [Ian:]
> > If the code for something running on the server is kept in git then
> > effectively everyone who can write to the git can run code on the
> > server, because even if pushing to the running copy is manual no-one
> > will review every diff.
>
> Are we up to splitting hairs now? :)
This was the motivation for my original question, so not
hair-splitting at all.
> Yes, of course, if you can commit stuff you can commit bad things too.
> Somehow thats (technically) not avoidable. Unless you want one of us
> admins play gatekeeper, and *I* sure not want to add such a
> restriction.
One obvious approach is to have differently-access-controlled git
repositories only some of which are able to take over the machine.
For example, people who need to edit web pages do not need to be able
to run code on the server. I assume (perhaps over-optimistically)
that whatever CMS(s) we are using do not permit the author of the page
data to execute code on the server.
Ian.
From: | Wichert Akkerman <wichert(at)wiggy(dot)net> |
---|---|
To: | Ian Jackson <ijackson(at)chiark(dot)greenend(dot)org(dot)uk> |
Cc: | spi-general(at)lists(dot)spi-inc(dot)org |
Subject: | Re: Meeting agenda bot, website, git, ssh |
Date: | 2009-02-05 18:43:40 |
Message-ID: | 20090205184340.GA25109@wiggy.net |
Views: | Raw Message | Whole Thread | Download mbox |
Lists: | spi-general |
Previously Ian Jackson wrote:
> For example, people who need to edit web pages do not need to be able
> to run code on the server. I assume (perhaps over-optimistically)
> that whatever CMS(s) we are using do not permit the author of the page
> data to execute code on the server.
>
THe current CMS (Plone) most certainly does not allow that. Normal users
are not allowed to create any python code. Managers are allowed to
create python scripts via a web interface, but they are executed in a
restricted environment which does not allow any filesystem access, nor
anything else that might be a security risk.
Wichert.
--
Wichert Akkerman <wichert(at)wiggy(dot)net> It is simple to make things.
http://www.wiggy.net/ It is hard to make things simple.