* James MacFarlane <[email protected]> [2008-12-17 07:45]: > I'm looking for ideas on how to secure a repository so that it allows > anonymous downloads but only accepts packages from permitted sources (be > that specific users or systems). > > So far I can't see a ready way to limit how pkg.depotd works in this > way. It can be run in read-only mode and restarted in read / write mode > to publish a package, but that just limits the opportunity for > unauthorised packages to be published. > > The other option I've been thinking of is to do something with an Apache > front-end, and then to restrict access to the backend pkg.depotd port > with IP Filter. > > Any other thoughts, or have I missed something obvious in the docs :-)
Access control for publication isn't implemented yet. There are some design suggestions in the list archives. I believe some folks have experimented with Apache providing basic HTTP authentication as well. - Stephen -- [email protected] http://blogs.sun.com/sch/ _______________________________________________ pkg-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
