git.vger.kernel.org archive mirror
From: Mike Hommey <mh@glandium.org>
To: Dmitry Potapov <dpotapov@gmail.com>
Cc: git@vger.kernel.org, gitster@pobox.com
Subject: Re: [PATCH] Allow git-shell to be used as a ssh forced-command
Date: Sat, 18 Apr 2009 00:36:49 +0200
Message-ID: <20090417223649.GA1881@glandium.org>
In-Reply-To: <37fcd2780904171400uf9d1f36g4d24e02aebf6ac3f@mail.gmail.com>

On Sat, Apr 18, 2009 at 01:00:35AM +0400, Dmitry Potapov wrote:
> On Fri, Apr 17, 2009 at 09:49:19PM +0200, Mike Hommey wrote:
> > On Fri, Apr 17, 2009 at 08:24:35PM +0400, Dmitry Potapov wrote:
> > > On Thu, Apr 16, 2009 at 11:10:56PM +0200, Mike Hommey wrote:
> > > > When using a forced-command, OpenSSH sets the SSH_ORIGINAL_COMMAND
> > > > variable to what would otherwise be passed to $SHELL -c. When this
> > > > variable is set, we use it instead of the contents of argv.
> > >
> > > It would be nice to provide some justification where it can be used.
> > > IOW, why do you want to have the force command where essentially
> > > you execute the original command as it were no force-command?
> >
> > You're not executing any command, but only what git-shell allows.
> > This allows git-shell to be set as a forced-command for a specific
> > ssh key, for example.
> 
> Would it be better to set git-shell as the login shell for this account?
> IMHO, that provides better security than using a forced-command, and
> that is how git-shell is intended to be used. So, I am not sure what the
> benefits are of using a forced-command when it just executes the original
> command using git-shell.

You may want to provide other kinds of access for the same account.
Also, an unprivileged user would be able to, without root access, set up
write access to his private git repositories via forced-commands for
given ssh keys.

> Besides, you made SSH_ORIGINAL_COMMAND take precedence over explicitly
> specified parameters given to git-shell. Maybe it should be the other
> way around?

If SSH_ORIGINAL_COMMAND is set, which means forced-commands are in use,
I don't see why other parameters should be more important.

Mike
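The setup discussed in this message, as an added shell example that is not part of the patch or of git itself: a per-key authorized_keys entry an unprivileged user can install, and a script that reproduces the restriction a git-shell forced command places on SSH_ORIGINAL_COMMAND (only the three pack/archive services, one quoted repository argument, no path escape, no shell syntax). The key material, /srv/git, the repository names and the dispatch wrapper are hypothetical; with the patch applied, the forced command is simply git-shell and no wrapper is needed.

```shell
#!/bin/sh
# Added example for this thread; not code from the patch or from git itself.
# (1) the authorized_keys entry that gives one key git-only access, and
# (2) a check equivalent to what a git-shell forced command enforces on
# SSH_ORIGINAL_COMMAND. Key material, paths and repo names are hypothetical.

# ~/.ssh/authorized_keys entry (hypothetical key), with the patch applied:
#   command="/usr/bin/git-shell",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAA... deploy@example
# Without the patch, the usual idiom lets the login shell expand the variable:
#   command="git-shell -c \"$SSH_ORIGINAL_COMMAND\"",no-pty,... ssh-rsa AAAA... deploy@example

REPO_ROOT=${REPO_ROOT:-/srv/git}     # hypothetical directory holding the repos

# check_forced_cmd CMD
# Accepts only the three services git-shell allows, each with exactly one
# single-quoted repository argument, and refuses anything that could leave
# REPO_ROOT or smuggle shell syntax. Prints "<service> <repo>" and returns 0
# on success; prints nothing and returns 1 otherwise.
check_forced_cmd() {
    cmd=$1
    case "$cmd" in
        "git-upload-pack '"*"'" | "git-receive-pack '"*"'" | "git-upload-archive '"*"'") ;;
        *) return 1 ;;
    esac
    service=${cmd%% *}                 # e.g. git-upload-pack
    repo=${cmd#* }                     # e.g. 'proj.git'
    repo=${repo#\'}
    repo=${repo%\'}
    case "$repo" in
        # shell metacharacters; a leftover quote means there was more than one argument
        ''|*"'"*|*'`'*|*'$'*|*';'*|*'|'*|*'&'*|*'<'*|*'>'*|*'\\'*|*' '*) return 1 ;;
        # absolute paths and any ".." component
        /*|..|../*|*/..|*/../*) return 1 ;;
    esac
    printf '%s %s\n' "$service" "$repo"
}

# dispatch_forced_cmd: what the forced command would exec for a valid
# request. Only run when the script is invoked with "dispatch", so the
# file can also be sourced to exercise check_forced_cmd on its own.
dispatch_forced_cmd() {
    if ! parsed=$(check_forced_cmd "${SSH_ORIGINAL_COMMAND-}"); then
        echo "fatal: unrecognized command '${SSH_ORIGINAL_COMMAND-}'" >&2
        exit 1
    fi
    service=${parsed%% *}
    repo=${parsed#* }
    exec "$service" "$REPO_ROOT/$repo"
}

if [ "${1-}" = dispatch ]; then
    dispatch_forced_cmd
fi
```

Usage: `SSH_ORIGINAL_COMMAND="git-upload-pack 'proj.git'" sh forced.sh dispatch` execs `git-upload-pack /srv/git/proj.git`; a command such as `git-receive-pack '../other.git'` or `bash -i` is refused before anything runs. The per-key options (`no-pty`, `no-port-forwarding`, and so on) matter as much as the command: a forced command alone still leaves the key able to open port forwards unless those are turned off.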
