Is it possible to prevent EMSRV to make certain server paths invisible?
What do I mean by that?
Suppose I'd like to install an instance of EMSRV on some server that is accessible publicly. This is intended to have a place that is more private than VASTGoodies to exchange code with other developers (NOT open source code, and not code that is in a state that can be published).
EMSRV should not allow to open a file browser on the server directories other than maybe one single path, optimal would be no file prompter at all. What I mean is the dialog that opens when you select "connect to server" or "clone library" and such. Users can probably not do much harm, but I'd be much more comfortable if noone can use this dialog to find out anything about the file system of the server.
I know that EMSRV is not the perfect solution for a distributed team, but at least it can be used to exchange versions of Applications and Maps between developers, so it sounds like the easiest and least painful alternative to work in a (small) distributed team to exchange some VA ST code...
hmm. It seems I can change into directories but they seem to be empty. Not bad, but still leaves a bitter taste... But now that you said that, I may have to check more carefully what permissions my emsrv user has...
Am Donnerstag, 8. November 2012 21:44:14 UTC+1 schrieb John O'Keefe:
Could you control this with directory permissions? If EMSRV does not have read permission on a directory, I don't think it will show in the file selection dialog.
sounds like a bit more work than I'd like to invest ;-)
I don't disagree that it's a lot of work, but how secure do you want to be? IIRC, one can wander anywhere on the box via emsrv. After my initial email, I spent a bit of time trying to create a chroot session on a CentOS box, and never did succeed. Should you choose this route, you're probably better off with Debian/Ubuntu, so you can take advantage of schroot.
Have you considered setting up a small, simple virtual machine in which to host emsrv? That way, if you miss a permission somewhere, you're just endangering the VM, rather than your real environment. If you snapshot the VM, you can recover fairly quickly in the event of a disaster.
http://www.turnkeylinux.org/ has a bunch of free pre-built appliances that could be used as a starting point, and https://www.virtualbox.org/ has a good, free VM environment.