On Fri, 2005-07-29 at 17:19, "Martin v. Löwis" wrote: > I believe this alone either won't work or won't be good enough (not > sure which one): If you have /bin/false as login shell, and still > manage to invoke /usr/bin/svnserve remotely, you can likely also > invoke /usr/bin/cat /etc/passwd remotely (or download and build > the root exploit via ssh). > > So you would have restrict the set of valid programs to *only* > svnserve. This is possible, but difficult to manage (AFAIK).
I think that's basically right. > - on Linux, my issue is that .subversion is on NFS, so any root > user in our net can connect to the file. Therefore, I copy > the .p12 file to /tmp/private_dir, and remove the passphrase > there. No other machine can read the file (as /tmp is not > exported), and the file goes away after machine shutdown > latest (as tmp is cleaned on reboot). I don't think that's true on all Linuxes though (or even all *nixes). -Barry
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
