Running CGit with user owning the repository

Marco Pessotto melmothx at gmail.com
Fri Dec 14 11:24:07 CET 2018


Konstantin Ryabitsev <konstantin at linuxfoundation.org> writes:

> On Wed, Dec 12, 2018 at 08:11:14PM +0100, Marco Pessotto wrote:
>>this is going to be a dumb question, but are there major concerns about
>>running CGit with the same user owning the repository? Ok, not
>>super-optimal, but is that acceptable?
>
> It's generally not something I'd advise. Of course, CGit does its best
> to remain secure and should not perform any write operations on the git
> repositories it serves. However, this means your defenses are 1 layer
> deep. If a sufficiently bad bug in CGit is found, your repositories are
> now exposed to tampering.
>
> It's best practice not to create systems protected by only one layer of
> defense, because bugs and deployment mistakes will inevitably result in
> security incidents given a long enough period of time. Adding extra
> protection such as different systems users for writing and reading will
> help you hedge against such problems.

Thanks Konstantin for your advise, it seems the best thing to do indeed.

--
Marco


More information about the CGit mailing list