Excerpts from Grant Husbands's message of Fri Aug 07 13:48:42 +0200 2009: > I'm hoping I'm mistaken, but it seems to be quite hard to set up a > secure, working, internet-accessible Darcs server that allows > relatively untrusted users to push changes. As I understand it the > options are: > > 1. HTTP: A bit sniffable. Authentication not supported. Read-only. > 2. HTTPS: Authentication not supported. Not supported at all on > Windows (Darcs doesn't trust any root certs). Read-only. > 3. SSH: Not secure, as it requires giving people shell access to the > server. Allows file-edits that don't comply with version control.
You can use a custom restricted shell for these users. You could only allow to call "darcs apply". > 4. File-share: Firewalls and authentication issues can make this > tricky, and it's long-winded. Allows file-edits that don't comply with > version control. > 5. Email (to accompany HTTP/HTTPS): Requires manual effort for patch > application or can't return sensible error messages (if it can, then > it can probably also serve as a spamming host). Manual efforts can be automated :) Best regards, -- Nicolas Pouillard http://nicolaspouillard.fr _______________________________________________ darcs-users mailing list [email protected] http://lists.osuosl.org/mailman/listinfo/darcs-users
