Running CGit with user owning the repository

Konstantin Ryabitsev konstantin at linuxfoundation.org
Thu Dec 13 21:24:14 CET 2018


On Wed, Dec 12, 2018 at 08:11:14PM +0100, Marco Pessotto wrote:
>this is going to be a dumb question, but are there major concerns about
>running CGit with the same user owning the repository? Ok, not
>super-optimal, but is that acceptable?

It's generally not something I'd advise. Of course, CGit does its best 
to remain secure and should not perform any write operations on the git 
repositories it serves. However, this means your defenses are 1 layer 
deep. If a sufficiently bad bug in CGit is found, your repositories are 
now exposed to tampering.

It's best practice not to create systems protected by only one layer of 
defense, because bugs and deployment mistakes will inevitably result in 
security incidents given a long enough period of time. Adding extra 
protection such as different systems users for writing and reading will 
help you hedge against such problems.

-K


More information about the CGit mailing list