On Wed, 2007-07-11 at 21:30 +0200, Jeroen van Meeuwen wrote: > A possible solution might be though, to have Transifex store the > submitted PO's in /some/path/transifex, and then have another user > account lift it's files and metadata, commit it to the pulled source > repository (signed with GPG), and then push it upstream (with SSH > priv/pub keys). Storing those passwords (plaintext or decryptable) would > make just as much sense to me as allowing empty passwords to use these > keys, but at least you prevent the webinterface from ever reaching those > keys or files. Seems like an idea to pursue. If httpd is the user doing the TurboGears part, then have a transifexd that does the actual commits. That separation of the Web interface plus a good SELinux policy might be enough. How to trigger it? Or let it run as a full-time daemon? The risk, folks, is that we get compromised and someone cracks an upstream SCM through our servers. Just think about that. Enough to turn a warm beer cold. - Karsten -- Karsten Wade, 108 Editor ^ Fedora Documentation Project Sr. Developer Relations Mgr. | fedoraproject.org/wiki/DocsProject quaid.108.redhat.com | gpg key: AD0E0C41 ////////////////////////////////// \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Attachment:
signature.asc
Description: This is a digitally signed message part
