On Wed, 05 Dec 2012 06:31:34 -0600
Tim Chase <g...@tim.thechases.com> wrote:

> > If your "Git origin server" can be accessed via SSH, you can 
> > perform any sugrery on the remote repository using nothing but
> > the SSH client on the bugzilla side as SSH is a *shell.*
> Just as a side note, some administrators may lock down the shell
> used depending on the type of account login.  In particular, I've
> got some client-facing logins on one box that use "rssh" as the
> login shell, limiting the users to just scp/sftp access without the
> ability to execute arbitrary commands (such as git).  That said, the
> *normal* thing to do is have full ssh shell access.

Good point.

But in fact people, again, tend to overlook that on a typical POSIX box
running a full-featured web server (such as apache or lighty or nginx)
it's easy to write a no-brainer CGI script (it can be written even in
plain shell) which would parse $PATH_INFO and carry out the requested
action.  The script could be called out using a tool like `curl`
from the client side.
These days, a "web application" tend to mean some monstrous
thing written using some monstrous web framework while in reality
simple web scripting could be implemented simply.

Hence if granting proper SSH access is complicated, I would opt for a
simple dedicated CGI script setup.


Reply via email to