[SAC] Dealing with private vs. public git/gogs repositories

Sandro Santilli strk at keybit.net
Thu Apr 14 03:01:15 PDT 2016


FYI, I've implemented the setup described in my mail:

 1. www-data user is now part of the git group
 2. directories under /home/git/gogs-repositories are setgid
 3. all files under /home/git/gogs-repositories are owned
    by the 'git' group and are group readable
 4. Gogs will run with umask 0007 (see
    https://git.osgeo.org/_gogs_/sac/gogs-config/src/master/start.sh)

--strk;

On Thu, Apr 14, 2016 at 11:09:12AM +0200, Sandro Santilli wrote:
> The Gogs service [1] adds the possibility for any OSGeo User [2]
> to create private Git repositories. At the filesystem level,
> Gogs makes no distinction about the permissions of the corresponding
> directory, which is all then only determined by umask in the process
> running the service [3].
> 
> While this approach is fine as long as Gogs is the _only_ access
> method to the repositories, we might want to allow for more access
> methods, especially if some projects would like to keep using Trac
> to manage tickets (rather than migrate them all to Gogs). This is
> particularly interesting for read-only access, whereas write access
> is (IMHO) ok to be solely driven by a single access method.
> 
> One way to allow wider read-only access would be to make all
> Gogs-managed repositories group readable and put any user that
> would need read-only access into that group. This would still not
> give proper isolation between users (or organizations) when it
> comes to private repositories, but it might be acceptable for OSGeo.
> 
> In particular, adding the "www-data" user to the "git" group and
> making all Gogs-managed repositories owned by group "git" and
> group-readable would allow any Trac instance administrator to
> browse any Gogs-managed repository (including private ones).
> I don't know if there are other possibilities for an OSGeo User
> to get the web server to expose arbitrary filesystem directories,
> but this Trac case is one I know for sure. Note that not all
> OSGeo Users would be Trac instance administrators, but it's worth
> noting the possible over-wide access.
> 
> What do you think about this setup? Do you think it would be
> acceptable to give www-data user read-only access to all Gogs
> repositories?
> 
> [1] https://wiki.osgeo.org/wiki/SAC:Gogs
> [2] http://www.osgeo.org/osgeo_userid
> [3] https://github.com/gogits/gogs/issues/2950
> 
> --strk; 

-- 

  ()   Free GIS & Flash consultant/developer
  /\   http://strk.keybit.net/services.html
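Added example (not part of the thread or of the gogs-config repository): a POSIX shell audit that checks a repository tree against the layout described above, i.e. everything owned by the shared group, group-readable, directories setgid, and no "other" bits at all, since a single world-readable file is enough to expose a private repository. It assumes GNU/Linux find and chmod; the group is a parameter (the real deployment uses 'git'), and make_sample_tree builds a constructed tree under mktemp, not a real Gogs checkout.

```shell
#!/bin/sh
# Print one line per object in $1 that violates the
# "group $2, group-readable, setgid dirs, umask 0007" layout.
# Exit status is that of the last find; use count_violations for a number.
audit_gogs_repos() {
    root=$1
    group=${2:-git}
    # 1. any "other" bit (r/w/x) lets unrelated local users reach the repo
    find "$root" \( -perm -004 -o -perm -002 -o -perm -001 \) \
        -exec printf 'world-accessible: %s\n' {} +
    # 2. objects not owned by the shared group are invisible to www-data
    find "$root" ! -group "$group" -exec printf 'wrong-group: %s\n' {} +
    # 3. the group must be able to read files and traverse directories
    find "$root" -type f ! -perm -040 -exec printf 'not-group-readable: %s\n' {} +
    find "$root" -type d ! -perm -050 -exec printf 'not-group-traversable: %s\n' {} +
    # 4. setgid (2000) on directories makes new objects inherit the group
    find "$root" -type d ! -perm -2000 -exec printf 'missing-setgid: %s\n' {} +
}

# Number of violations found by audit_gogs_repos (0 means the tree is clean).
count_violations() {
    audit_gogs_repos "$@" | wc -l | tr -d ' '
}

# Build a constructed sample tree that follows the described setup and
# print its path: umask 0007 as in start.sh, group $1, setgid directories.
make_sample_tree() {
    group=$1
    root=$(mktemp -d)/repos
    (
        umask 0007   # files end up 0660, directories 0770: nothing for "other"
        mkdir -p "$root/alice/private.git" "$root/bob/public.git"
        : > "$root/alice/private.git/HEAD"
        : > "$root/bob/public.git/HEAD"
    )
    chgrp -R "$group" "$root"                      # group first, then setgid
    find "$root" -type d -exec chmod g+s {} +      # 0770 -> 2770 on every dir
    printf '%s\n' "$root"
}
```

Run it against /home/git/gogs-repositories with group git from cron or after each deployment; any output means the umask or ownership drifted.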