Hi,
this may sound like a strange question... Is it possible to prevent EMSRV to make certain server paths invisible? What do I mean by that? Suppose I'd like to install an instance of EMSRV on some server that is accessible publicly. This is intended to have a place that is more private than VASTGoodies to exchange code with other developers (NOT open source code, and not code that is in a state that can be published). EMSRV should not allow to open a file browser on the server directories other than maybe one single path, optimal would be no file prompter at all. What I mean is the dialog that opens when you select "connect to server" or "clone library" and such. Users can probably not do much harm, but I'd be much more comfortable if noone can use this dialog to find out anything about the file system of the server. I know that EMSRV is not the perfect solution for a distributed team, but at least it can be used to exchange versions of Applications and Maps between developers, so it sounds like the easiest and least painful alternative to work in a (small) distributed team to exchange some VA ST code... Thanks for your ideas, Joachim -- You received this message because you are subscribed to the Google Groups "VA Smalltalk" group. To view this discussion on the web visit https://groups.google.com/d/msg/va-smalltalk/-/K5rrQgzyeZEJ. To post to this group, send email to [hidden email]. To unsubscribe from this group, send email to [hidden email]. For more options, visit this group at http://groups.google.com/group/va-smalltalk?hl=en. |
Joachim -
Could you control this with directory permissions? If EMSRV does not have read permission on a directory, I don't think it will show in the file selection dialog. John -- You received this message because you are subscribed to the Google Groups "VA Smalltalk" group. To view this discussion on the web visit https://groups.google.com/d/msg/va-smalltalk/-/7O11_kAM4Q0J. To post to this group, send email to [hidden email]. To unsubscribe from this group, send email to [hidden email]. For more options, visit this group at http://groups.google.com/group/va-smalltalk?hl=en. |
In reply to this post by jtuchel
On Thursday, November 8, 2012 9:02:48 AM UTC-5, [hidden email] wrote:
Is it possible to prevent EMSRV to make certain server paths invisible? Haven't tried this yet, but if you're running emsrv on a Linux box, how about using chroot to limit its scope? Tom You received this message because you are subscribed to the Google Groups "VA Smalltalk" group. To view this discussion on the web visit https://groups.google.com/d/msg/va-smalltalk/-/cc8kPTusXTcJ. To post to this group, send email to [hidden email]. To unsubscribe from this group, send email to [hidden email]. For more options, visit this group at http://groups.google.com/group/va-smalltalk?hl=en. |
In reply to this post by John O'Keefe-3
John,
hmm. It seems I can change into directories but they seem to be empty. Not bad, but still leaves a bitter taste... But now that you said that, I may have to check more carefully what permissions my emsrv user has... Joachim
-- Am Donnerstag, 8. November 2012 21:44:14 UTC+1 schrieb John O'Keefe: Joachim - You received this message because you are subscribed to the Google Groups "VA Smalltalk" group. To view this discussion on the web visit https://groups.google.com/d/msg/va-smalltalk/-/a4yY6jDTonwJ. To post to this group, send email to [hidden email]. To unsubscribe from this group, send email to [hidden email]. For more options, visit this group at http://groups.google.com/group/va-smalltalk?hl=en. |
In reply to this post by Thomas Koschate-2
Tom,
sounds like a bit more work than I'd like to invest ;-) Joachim Am Freitag, 9. November 2012 11:50:09 UTC+1 schrieb Thomas Koschate: On Thursday, November 8, 2012 9:02:48 AM UTC-5, [hidden email] wrote: You received this message because you are subscribed to the Google Groups "VA Smalltalk" group. To view this discussion on the web visit https://groups.google.com/d/msg/va-smalltalk/-/C1wPOTAUXWcJ. To post to this group, send email to [hidden email]. To unsubscribe from this group, send email to [hidden email]. For more options, visit this group at http://groups.google.com/group/va-smalltalk?hl=en. |
On Sunday, November 11, 2012 4:59:29 AM UTC-5, [hidden email] wrote:
I don't disagree that it's a lot of work, but how secure do you want to be? IIRC, one can wander anywhere on the box via emsrv. After my initial email, I spent a bit of time trying to create a chroot session on a CentOS box, and never did succeed. Should you choose this route, you're probably better off with Debian/Ubuntu, so you can take advantage of schroot. Have you considered setting up a small, simple virtual machine in which to host emsrv? That way, if you miss a permission somewhere, you're just endangering the VM, rather than your real environment. If you snapshot the VM, you can recover fairly quickly in the event of a disaster. http://www.turnkeylinux.org/ has a bunch of free pre-built appliances that could be used as a starting point, and https://www.virtualbox.org/ has a good, free VM environment. Tom
-- You received this message because you are subscribed to the Google Groups "VA Smalltalk" group. To view this discussion on the web visit https://groups.google.com/d/msg/va-smalltalk/-/e-b7gyqDs4QJ. To post to this group, send email to [hidden email]. To unsubscribe from this group, send email to [hidden email]. For more options, visit this group at http://groups.google.com/group/va-smalltalk?hl=en. |
Free forum by Nabble | Edit this page |