Versions Compared

Old Version 5

changes.mady.by.user Greg Hudson

Saved on

compared with

New Version 6

changes.mady.by.user Greg Hudson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Manage the authorized_keys file of a user account, and allow public key authentication for SSH.
  • Configure commit emails for a repository.
  • Manage access control for a repository.
  • Manage integration of a repository with other MAP infrastructure such as Bamboo.
  • Receive a partial or complete dump file of a repository.
  • Post a dump file to be loaded into a repository.
  • Automatically provision a new repository for an existing -users and -admin ownership group, to faciliate one project per repository.

...

  • Support for users without Kerberos principals.  Touchstone and CAMS are prerequisites for this.
  • -svnadmin groupsAdmin lists; these are subsets of - committers groups and control who has access to manage a repository through the web application. If a -svnadmin groups does not exist, all members of the -committers group will have accessBy default, the admin list is the commiters group itself.

Issue: Security architecture and hook scripts

...

The third option is probably not acceptable to us, particularly after we add support for non-Kerberos users, but it's worth noting that web hosting has a similar security issue and most web hosting providers have taken the third approach.

Inventory of Configurable State

User configuration

  • What public keys are allowed for SSH access
  • Whether the MAP password exists and what it is

Group configuration

  • Whether commit access through DAV is possible for repositories owned by this group
  • Whether commit access through the svnserve daemon is possible for repositories owned by this group
  • What this group's admin list is (not user-configurable)
  • What this group's shell account is, if any (not user-configurable)
  • The namespace prefix for automatic provisioning of repositories, if any (not user-configurable)

Repository configuration

Some of these can only apply to a repository using the standard hook scripts. 

  • Whether the repository is world-readable on the server (allows read-only DAV/svnserve access if commits through DAV/svnserve are disabled)
  • The access control file for the repository
  • Where commit emails for the repository go, if anywhere