Re: [BUG?] How to make a shared/restricted repo?

On Wednesday 25 March 2009, Brandon Casey wrote:
> Johan Herland wrote:
> > Some colleagues of mine are working on a "secret" project, and they
> > want to create a central/server/integration repo that should be
> > group-writable, but not at all accessible to anybody outside the group
> > (i.e. files should be 0660 ("-rw-rw----"), dirs should be 2770
> > ("drwxrws---")).
> >
> > I started setting this up for them in the following manner:
> >
> >   mkdir foo.git
> >   cd foo.git
> >   git init --bare --shared=group
> >   cd ..
> >   chgrp -R groupname foo.git
> >   chmod -R o-rwx foo.git
> >
> > ...and everything looks good, initially...
> >
> > However, when I start pushing into this repo, the newly created files
> > are readable to everybody (files are 0664 ("-rw-rw-r--"), dirs are 2775
> > ("drwxrwsr-x")).
>
> But nobody has access to anything under foo.git since you did
> 'chmod o-rwx foo.git' above.

Yes, it's hard (impossible???) for outside users to get at the files, since 
they reside in directories that are not readable to them. However, this does 
not at all hide the fact that:

1. The "chmod -R o-rwx" is a command I added myself. Nowhere in Git's 
documentation is it said that it is a good idea to run this command.

2. Preferably, when creating a 0660 repo, "git init" should automatically 
perform this chmod for you, in the same manner that it already sets the 
"set-gid" bit for group-shared repos.

> Unless I'm missing something, I think you already have what you want.

Maybe, but it certainly doesn't fill me with warm, fuzzy, secure feelings.

Am I being overly paranoid?


Have fun! :)

...Johan

-- 
Johan Herland, <johan@xxxxxxxxxxx>
www.herland.net
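
An added example, not part of the original message: a shell audit that lists entries still carrying permission bits for "other" beneath a repository whose top-level directory is closed, which is the state described above. The temporary tree, its file names and the function names are constructed for the demonstration.

```shell
#!/bin/sh
# Audit a shared repository for permission bits granted to "other".

# Print every entry at or below $1 with any r/w/x bit set for "other".
world_accessible() {
    find "$1" \( -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Number of such entries.
world_accessible_count() {
    world_accessible "$1" | wc -l | tr -d ' '
}

# Succeed only if the top-level directory itself grants nothing to "other".
top_level_closed() {
    [ -z "$(find "$1" -prune \( -perm -004 -o -perm -002 -o -perm -001 \) -print)" ]
}

# Strip "other" bits from the whole tree (the chmod used in the thread).
close_repo() {
    chmod -R o-rwx "$1"
}

# Constructed tree mimicking the reported state: top level 2770,
# directories created by a later push 2775, files 0664.
make_demo_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/foo.git/objects/ab"
    : > "$d/foo.git/objects/ab/cdef"
    chmod 2775 "$d/foo.git/objects" "$d/foo.git/objects/ab"
    chmod 0664 "$d/foo.git/objects/ab/cdef"
    chmod 2770 "$d/foo.git"
    printf '%s\n' "$d/foo.git"
}

# Demonstration run on the constructed tree.
repo=$(make_demo_tree)
if top_level_closed "$repo"; then echo "top level: closed to other"; fi
echo "entries with 'other' bits before: $(world_accessible_count "$repo")"
world_accessible "$repo"
close_repo "$repo"
echo "entries with 'other' bits after:  $(world_accessible_count "$repo")"
rm -rf "${repo%/foo.git}"
```

Run against a real repository path after a push, a non-zero count means the files are protected only by the top-level directory's mode, so moving or re-chmodding that directory would expose them.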
